875387936b
The Log4j shutdown hack test tests that a hack we have in place to workaround a bug in Log4j during shutdown is effective. Log4j can use JMX to control logging levels, but we disable this through the use of a system property log4j2.disable.jmx (mainly because there is no need for this feature, but it also means granting additional security permissions). The bug in Log4j is that during shutdown, it neglects to check whether or not its usage of JMX is disable and so it attempts to unregister management beans, leading to a permissions violation. The test works by attempting to shutdown Log4j and thus triggering the bad code path. With the Log4j hack in place, we have introduced jar hell so that its our code running instead of code from the Log4j jar. Our code correctly checks that the usage of JMX is disabled and thus does not trip on a permissions violation. The test was a little complicated in that it attempted to just grant the minimal permissions needed for Log4j to do its thing, but this can sometimes lead to other unwanted permissions violations because the permissions put in place are more restrictive necessary. This commit simplifies this situation by rewriting the test to only deny Log4j the sole permission needed to trigger the bug. Relates #20476 |
||
|---|---|---|
| .. | ||
| backwards-5.0 | ||
| evil-tests | ||
| smoke-test-client | ||
| smoke-test-http | ||
| smoke-test-ingest-disabled | ||
| smoke-test-ingest-with-all-dependencies | ||
| smoke-test-multinode | ||
| smoke-test-plugins | ||
| smoke-test-reindex-with-painless | ||
| vagrant | ||