Skip to content

Comments

[Entitlements] Fix "No SecurityManager when entitlements are enabled"#119742

Merged
ldematte merged 2 commits intoelastic:mainfrom
ldematte:entitlements/boostrap-disallow-sm-miss
Jan 8, 2025
Merged

[Entitlements] Fix "No SecurityManager when entitlements are enabled"#119742
ldematte merged 2 commits intoelastic:mainfrom
ldematte:entitlements/boostrap-disallow-sm-miss

Conversation

@ldematte
Copy link
Contributor

@ldematte ldematte commented Jan 8, 2025
edited
Loading

Missing test still using SM even when disabled, plus revert change to SystemJvmOptions to keep allowing the SM. It seems that Hadoop needs that, as it does check if the SM is allowed via Subject#getSubject. This is a temp fix, as Subject#getSubject is effectively removed from JDK 24 (throws UnsupportedOperationException), but in the meantime allows our tests to run
(in the long run we should update Hadoop after apache/hadoop#7081 has been merged)

@ldematte ldematte changed the title [Entitlements] More no SecurityManager when entitlements are enabled [Entitlements] Fix "No SecurityManager when entitlements are enabled" Jan 8, 2025
@ldematte ldematte mentioned this pull request Jan 8, 2025
Merged
@ldematte ldematte added >test Issues or PRs that are addressing/adding tests :Core/Infra/Core Core issues without another label auto-backport Automatically create backport pull requests when merged v8.18.0 labels Jan 8, 2025
@ldematte ldematte marked this pull request as ready for review January 8, 2025 11:06
@ldematte ldematte requested a review from a team as a code owner January 8, 2025 11:06
@elasticsearchmachine elasticsearchmachine added the Team:Core/Infra Meta label for core/infra team label Jan 8, 2025
@elasticsearchmachine
Copy link
Collaborator

elasticsearchmachine commented Jan 8, 2025

Pinging @elastic/es-core-infra (Team:Core/Infra)

@ldematte ldematte requested review from prdoyle and rjernst January 8, 2025 11:50
prdoyle
prdoyle approved these changes Jan 8, 2025
View reviewed changes
Copy link
Contributor

@prdoyle prdoyle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We still won't be setting up the SecurityManager thanks to this else if, but assuming that's not necessary, LGTM.

distribution/tools/server-cli/src/main/java/org/elasticsearch/server/cli/SystemJvmOptions.java
private static Stream<String> maybeAllowSecurityManager(boolean useEntitlements) {
if (useEntitlements == false && RuntimeVersionFeature.isSecurityManagerAvailable()) {
if (RuntimeVersionFeature.isSecurityManagerAvailable()) {
// Will become conditional on useEntitlements once entitlements can run without SM
Copy link
Contributor

@prdoyle prdoyle Jan 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Heh, a prescient comment here.

Copy link
Contributor Author

@ldematte ldematte Jan 8, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ehehe! I can remove/reword the comment :)
EDIT: it actually still make sense!

...-example-spi-extension/src/main/java/org/elasticsearch/example/ExampleSecurityExtension.java
static {
if (RuntimeVersionFeature.isSecurityManagerAvailable()) {
final boolean useEntitlements = Boolean.parseBoolean(System.getProperty("es.entitlements.enabled"));
if (useEntitlements == false && RuntimeVersionFeature.isSecurityManagerAvailable()) {
Copy link
Contributor

@prdoyle prdoyle Jan 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we check for entitlements here?

Copy link
Contributor Author

@ldematte ldematte Jan 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we don't, and run with test-entitlement/ with entitlement enabled, there will be no Security Manager -- will be null and throw an exception.

@ldematte
Copy link
Contributor Author

ldematte commented Jan 8, 2025

We still won't be setting up the SecurityManager thanks to this else if, but assuming that's not necessary

Exactly, we still have no SM effectively, but we need it to be allowed for Subject#getSubject to work (I know, pretty weird)

@ldematte ldematte merged commit 28ce53f into elastic:main Jan 8, 2025
@ldematte ldematte deleted the entitlements/boostrap-disallow-sm-miss branch January 8, 2025 14:17
@elasticsearchmachine
Copy link
Collaborator

elasticsearchmachine commented Jan 8, 2025

💔 Backport failed

Status Branch Result
8.x Commit could not be cherrypicked due to conflicts

You can use sqren/backport to manually backport by running backport --upstream elastic/elasticsearch --pr 119742

This was referenced Jan 8, 2025
Closed
Merged
elasticsearchmachine pushed a commit that referenced this pull request Jan 8, 2025
@ldematte
Fix test + Hadoop (#119765)
d521232 
Backport of #119742
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@prdoyle prdoyle prdoyle approved these changes

@rjernst rjernst Awaiting requested review from rjernst

Assignees

No one assigned

Labels

auto-backport Automatically create backport pull requests when merged :Core/Infra/Core Core issues without another label Team:Core/Infra Meta label for core/infra team >test Issues or PRs that are addressing/adding tests v8.18.0 v9.0.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ldematte @elasticsearchmachine @prdoyle