New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ES-v5.0.1 throw java.lang.SecurityException while snapshot #22156
Comments
@jbaiera could you take a look at this please? |
Dear @jbaiera @clintongormley, have you fixed the bug? Or should I provide something more for you to solve it? |
@ervinyang Could you provide some information about how you have HDFS set up? (distribution, version, security on/off) Thanks! |
Thanks! |
I'm facing the same problem. If I grant all permissions to the plugin it works. So I should happen because of missing grant permissions (for org.apache.hadoop.security.Credentials)? |
@mrauter What do you mean by "If I grant all permissions to the plugin" ? Could you paste the plugin-security.policy file? We are hitting this too |
@tangfl |
Hi everyone, Same problem :
Curl Answer : Log : I don't know how to produce the plugin-security.policy extract. |
@mrauter set " permission java.security.AllPermission ;" is also throw exception. |
Hi everyone, Caused by: java.security.AccessControlException: access denied ("javax.security.auth.PrivateCredentialPermission" "org.apache.hadoop.security.Credentials" "read") I tried to load setting ALL permissions on java policy, but it's like if it doesn't read the config or just ignores it. If you need anymore info or tests, I'm happy to help. |
same problem |
so bad |
@netmanito Can you please paste the entire stack trace you see in the logs? |
Hi, for the following GET request,
Also, If I restart any node, there's a connection error on start although connectivity is correct. Regards |
I resove this problem by modify plugin source plugin-security.policy
HdfsBlobStore.java remove
|
I have solved it by add a Java Security Manager settings in jvm.options
My policy file path is |
@YDHui You have included |
Any update on this? I got the same problem. |
There's an open PR for it: #23439. This is not a simple issue. |
Not sure if it's helpful at this point, but if you need an easy way to reproduce this problem, I ran into this right away with an out-of-the-box hadoop docker image - in fact, all I was looking to do was to give the HDFS plugin a quick test drive. |
After Elasticsearch v5.4.0 is out, #23439 seems not helpful.
|
@MrGarry2016 this is fixed in 5.4.1 |
@clintongormley We want to install 5.4.1 version of the plugin. How can we install that specific version of the hdfs plugin to the 5.4.0 running ES cluster? |
you have to wait until it is released |
@adkhare Also, you simply can't install version 5.4.1 of the plugin (when it is released) on a 5.4.0 node. |
Is there a way to track when this is released?? If I subscribe to this thread would that be sufficient?? |
@326TimesBetter Yes, although subscribing to this thread is not sufficient yet you can track releases on the Elastic website. |
@YDHui Used your solution and it worked except I didn't have to set "permission java.security.AllPermission;" in the plugin-security.policy , thereby not comprising the entire security definitions. Thanks. By the way my system configuration is N.B I wonder why by default the plugin-security.policy file was not detected. the JAVA_OPTS in the jvm.options file had to the trick i.e the line |
Elasticsearch version: 5.0.1
Plugins installed:
repository-hdfs
JVM version:
OS version:
Description of the problem including expected versus actual behavior:
When I create repositories, ES response
but when I create snapshot of index, it throws exception:
Steps to reproduce:
1.create repositories
2.snapshot my index
3.exception is thrown
The text was updated successfully, but these errors were encountered: