Skip to content

Removed unused "else" branch for no entitlements/no SM #122354

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Feb 13, 2025
Merged

Removed unused "else" branch for no entitlements/no SM #122354

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 2 additions & 5 deletions server/src/main/java/org/elasticsearch/bootstrap/Elasticsearch.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -249,7 +249,8 @@ private static void initPhase2(Bootstrap bootstrap) throws IOException {
nodeEnv.configDir(),
nodeEnv.tmpDir()
);
} else if (RuntimeVersionFeature.isSecurityManagerAvailable()) {
} else {
assert RuntimeVersionFeature.isSecurityManagerAvailable();
Copy link
Member

@rjernst rjernst Feb 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

An assert won't run in production/snapshot code, so if eg someone testing a snapshot or RC tries running with JDK24, they will get a nasty error from trying to use SM below. Could we make this more explicit with a helpful error message?

Copy link
Contributor Author

@ldematte ldematte Feb 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That like will always be true unless we make a change to code - the change in your PR ensures it. I added the assert to protect against ourselves (if we change something, and open the possibility of having neither, things in CI would start to fail).
I can make the change if you want of course, but no one should ever see that error message.

Copy link
Member

@rjernst rjernst Feb 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps I'm still missing something: wouldn't a user that say uses a custom JVM of 24 on a snapshot of 9.0 beta hit this?

Copy link
Contributor Author

@ldematte ldematte Feb 13, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We already guarantee we use entitlements when we have a JVM 24:

final boolean useEntitlements = RuntimeVersionFeature.isSecurityManagerAvailable() == false || entitlementsExplicitlyEnabled;

(initPhase1)

So with 24 we always hit the entitlements branch.
The assert is here in case we change that logic and we don't realize it, leaving us uncovered again, but it is not strictly needed.

Copy link
Member

@rjernst rjernst Feb 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, thank you! That's what I was missing.

// no need to explicitly enable native access for legacy code
pluginsLoader = PluginsLoader.createPluginsLoader(modulesBundles, pluginsBundles, Map.of());
// install SM after natives, shutdown hooks, etc.
Expand All @@ -259,10 +260,6 @@ private static void initPhase2(Bootstrap bootstrap) throws IOException {
SECURITY_FILTER_BAD_DEFAULTS_SETTING.get(args.nodeSettings()),
args.pidFile()
);
} else {
// TODO: should we throw/interrupt startup in this case?
pluginsLoader = PluginsLoader.createPluginsLoader(modulesBundles, pluginsBundles, Map.of());
LogManager.getLogger(Elasticsearch.class).warn("Bootstrapping without any protection");
}

bootstrap.setPluginsLoader(pluginsLoader);
Expand Down