Bugfix: create the tmp dir if it doesn't exist #102599
Conversation
elasticsearchmachine
added
needs:triage
jan-elastic
added
>bug
:ml
|
Pinging @elastic/ml-core (Team:ML) |
|
Hi @jan-elastic, I've created a changelog YAML for you. |
| @@ -249,6 +251,7 @@ private void buildScheduledEventsConfig(List<String> command) throws IOException | |||
| } | |||
|
|
|||
| private void buildJobConfig(List<String> command) throws IOException { | |||
| Files.createDirectories(env.tmpFile()); | |||
There was a problem hiding this comment.
This simple fix resolves the problem locally.
I don't know if my local environment is close enough to production w.r.t. security, permissions, etc, to judge whether this will also work in production.
There was a problem hiding this comment.
Update: this fix also works in a Dockerized Ubuntu 20.04.
The following flow succeeds:
- start Elasticsearch
- open job
- close job
- remove tmp dir
- open job
The deleted tmp dir is successfully recreated.
There was a problem hiding this comment.
Great, thanks for testing that. The final thing to confirm is the permissions.
There was a problem hiding this comment.
Note: without this fix you get something like
java.nio.file.NoSuchFileException: /tmp/elasticsearch-14675733582508699252/config6396271037101692016.json
|
There's one more place that needs changing, in The place where the temp directory gets created at server startup is here: Because at that time it's created using This is what we want for a secure temp directory. Please check that At startup we already do something different on Windows here: So it looks like on Windows we can match the startup behaviour by not supplying any attributes. In the ML code you can use So please wrap all this up into a |
jan-elastic
force-pushed
the
create-tmp-dir-if-not-exists
branch
from
a911640
to
9e8e297
Compare
|
You're correct: my new directory was created with permissions That's fixed now. |
There was a problem hiding this comment.
There are 2 situations where the code should ensure the temp directory exists. One is for anomaly detection and DFA jobs where they write config files to the temp directory which is covered here. The other is where the code creates named pipes to talk to those processes. This happens in the ProcessPipes class and that code is used to connect to all the native processes that we deploy.
Before those pipes are created add the same call to FileUtils.recreateTempDirectoryIfNeeded(env.tmpFile());
This can be done in the constructor or in the ProcessPipes::connectLogStream and ProcessPipes::connectOtherStreams methods
This doesn't apply to Windows where named pipes are created differently:
https://github.com/elastic/elasticsearch/blob/main/x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/utils/NamedPipeHelper.java#L73
x-pack/plugin/ml/src/main/java/org/elasticsearch/xpack/ml/utils/FileUtils.java
Show resolved
Hide resolved
|
Added recreating the tmp dir in I didn't bother to make an exception for Windows: I think recreating the temp dir is a noop in Windows (Windows doesn't clean up), and otherwise it's pretty cheap anyway. |
jan-elastic
added
the
auto-backport-and-merge
💔 Backport failedYou can use sqren/backport to manually backport by running |
* Make sure the tmp dir exists before creating a tmp file * Correct file permissions * changelog * Recreate tmp dir before creating named pipes
See: