From 90ba5625514718dacc25a901ca2ad7e263f94f64 Mon Sep 17 00:00:00 2001 From: Ryan Ernst Date: Fri, 18 Apr 2025 19:29:38 -0700 Subject: [PATCH 1/2] Remove security manager from tests Now that entitlements are always used, there is no need to run tests with security manager (a future enhancement will run tests with entitlements). This commit removes setting up security manager from tests. --- .../server/cli/APMJvmOptionsTests.java | 1 - .../server/cli/JvmErgonomicsTests.java | 2 - .../server/cli/JvmOptionsParserTests.java | 2 - .../server/cli/MachineDependentHeapTests.java | 2 - .../org/elasticsearch/cli/TerminalTests.java | 2 - .../impl/InstrumentationServiceImplTests.java | 1 - .../impl/InstrumenterTests.java | 1 - .../entitlement/bridge/UtilTests.java | 1 - .../EntitlementInitializationTests.java | 1 - .../runtime/policy/FileAccessTreeTests.java | 1 - .../runtime/policy/PolicyManagerTests.java | 1 - .../runtime/policy/PolicyParserTests.java | 1 - .../runtime/policy/PolicyUtilsTests.java | 1 - .../nativeaccess/ProcessLimitsTests.java | 1 - .../nativeaccess/SystemCallFilterTests.java | 1 - .../VectorSystemPropertyTests.java | 2 - .../bootstrap/EvilBootstrapChecksTests.java | 2 - .../bootstrap/PluginsResolverTests.java | 1 - .../MasterNodeFileWatchingServiceTests.java | 1 - .../plugins/PluginsLoaderTests.java | 1 - .../plugins/UberModuleClassLoaderTests.java | 1 - .../internal/ReloadAwarePluginTests.java | 1 - .../bootstrap/BootstrapForTesting.java | 238 +----------------- .../elasticsearch/cli/CommandTestCase.java | 1 - .../org/elasticsearch/test/ESTestCase.java | 37 --- 25 files changed, 4 insertions(+), 300 deletions(-) diff --git a/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/APMJvmOptionsTests.java b/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/APMJvmOptionsTests.java index 0e067afc1aa73..1b2ea41cee911 100644 --- a/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/APMJvmOptionsTests.java +++ b/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/APMJvmOptionsTests.java @@ -38,7 +38,6 @@ import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.mock; -@ESTestCase.WithoutSecurityManager public class APMJvmOptionsTests extends ESTestCase { private Path installDir; diff --git a/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/JvmErgonomicsTests.java b/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/JvmErgonomicsTests.java index 900eab4de1bf2..6410e26ce0d36 100644 --- a/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/JvmErgonomicsTests.java +++ b/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/JvmErgonomicsTests.java @@ -15,7 +15,6 @@ import org.elasticsearch.common.util.concurrent.EsExecutors; import org.elasticsearch.node.NodeRoleSettings; import org.elasticsearch.test.ESTestCase; -import org.elasticsearch.test.ESTestCase.WithoutSecurityManager; import java.io.IOException; import java.util.ArrayList; @@ -41,7 +40,6 @@ import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; -@WithoutSecurityManager @SuppressFileSystems("*") public class JvmErgonomicsTests extends ESTestCase { diff --git a/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/JvmOptionsParserTests.java b/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/JvmOptionsParserTests.java index 2ff7daa395b1c..163c3f943dd17 100644 --- a/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/JvmOptionsParserTests.java +++ b/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/JvmOptionsParserTests.java @@ -15,7 +15,6 @@ import org.elasticsearch.core.IOUtils; import org.elasticsearch.core.Strings; import org.elasticsearch.test.ESTestCase; -import org.elasticsearch.test.ESTestCase.WithoutSecurityManager; import org.junit.AfterClass; import org.junit.BeforeClass; @@ -43,7 +42,6 @@ import static org.hamcrest.Matchers.hasSize; import static org.hamcrest.Matchers.not; -@WithoutSecurityManager @LuceneTestCase.SuppressFileSystems("*") public class JvmOptionsParserTests extends ESTestCase { diff --git a/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/MachineDependentHeapTests.java b/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/MachineDependentHeapTests.java index e2dc9f32647e0..64b46f1bca98f 100644 --- a/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/MachineDependentHeapTests.java +++ b/distribution/tools/server-cli/src/test/java/org/elasticsearch/server/cli/MachineDependentHeapTests.java @@ -11,7 +11,6 @@ import org.elasticsearch.common.settings.Settings; import org.elasticsearch.test.ESTestCase; -import org.elasticsearch.test.ESTestCase.WithoutSecurityManager; import org.hamcrest.Matcher; import java.util.Collections; @@ -21,7 +20,6 @@ import static org.hamcrest.Matchers.empty; // TODO: rework these tests to mock jvm option finder so they can run with security manager, no forking needed -@WithoutSecurityManager public class MachineDependentHeapTests extends ESTestCase { public void testDefaultHeapSize() throws Exception { diff --git a/libs/cli/src/test/java/org/elasticsearch/cli/TerminalTests.java b/libs/cli/src/test/java/org/elasticsearch/cli/TerminalTests.java index d6fba5116536d..c8ef64ced7754 100644 --- a/libs/cli/src/test/java/org/elasticsearch/cli/TerminalTests.java +++ b/libs/cli/src/test/java/org/elasticsearch/cli/TerminalTests.java @@ -10,7 +10,6 @@ package org.elasticsearch.cli; import org.elasticsearch.test.ESTestCase; -import org.elasticsearch.test.ESTestCase.WithoutSecurityManager; import java.io.IOException; import java.io.OutputStream; @@ -23,7 +22,6 @@ import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoMoreInteractions; -@WithoutSecurityManager public class TerminalTests extends ESTestCase { public void testSystemTerminalIfRedirected() { diff --git a/libs/entitlement/asm-provider/src/test/java/org/elasticsearch/entitlement/instrumentation/impl/InstrumentationServiceImplTests.java b/libs/entitlement/asm-provider/src/test/java/org/elasticsearch/entitlement/instrumentation/impl/InstrumentationServiceImplTests.java index 25689f0b8a636..c8bfa006ddee3 100644 --- a/libs/entitlement/asm-provider/src/test/java/org/elasticsearch/entitlement/instrumentation/impl/InstrumentationServiceImplTests.java +++ b/libs/entitlement/asm-provider/src/test/java/org/elasticsearch/entitlement/instrumentation/impl/InstrumentationServiceImplTests.java @@ -23,7 +23,6 @@ import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.hasEntry; -@ESTestCase.WithoutSecurityManager public class InstrumentationServiceImplTests extends ESTestCase { final InstrumentationService instrumentationService = new InstrumentationServiceImpl(); diff --git a/libs/entitlement/asm-provider/src/test/java/org/elasticsearch/entitlement/instrumentation/impl/InstrumenterTests.java b/libs/entitlement/asm-provider/src/test/java/org/elasticsearch/entitlement/instrumentation/impl/InstrumenterTests.java index 35251ec9c7d0e..c060397b909db 100644 --- a/libs/entitlement/asm-provider/src/test/java/org/elasticsearch/entitlement/instrumentation/impl/InstrumenterTests.java +++ b/libs/entitlement/asm-provider/src/test/java/org/elasticsearch/entitlement/instrumentation/impl/InstrumenterTests.java @@ -39,7 +39,6 @@ * This tests {@link InstrumenterImpl} can instrument various method signatures * (e.g. overloaded methods, overloaded targets, multiple instrumentation, etc.) */ -@ESTestCase.WithoutSecurityManager public class InstrumenterTests extends ESTestCase { private static final Logger logger = LogManager.getLogger(InstrumenterTests.class); diff --git a/libs/entitlement/src/test/java/org/elasticsearch/entitlement/bridge/UtilTests.java b/libs/entitlement/src/test/java/org/elasticsearch/entitlement/bridge/UtilTests.java index e1bf161174bb3..cd53271c08ea8 100644 --- a/libs/entitlement/src/test/java/org/elasticsearch/entitlement/bridge/UtilTests.java +++ b/libs/entitlement/src/test/java/org/elasticsearch/entitlement/bridge/UtilTests.java @@ -13,7 +13,6 @@ import static org.elasticsearch.entitlement.bridge.UtilTests.MockSensitiveClass.mockSensitiveMethod; -@ESTestCase.WithoutSecurityManager public class UtilTests extends ESTestCase { public void testCallerClass() { diff --git a/libs/entitlement/src/test/java/org/elasticsearch/entitlement/initialization/EntitlementInitializationTests.java b/libs/entitlement/src/test/java/org/elasticsearch/entitlement/initialization/EntitlementInitializationTests.java index 3b9f664297651..80c7d0d77d449 100644 --- a/libs/entitlement/src/test/java/org/elasticsearch/entitlement/initialization/EntitlementInitializationTests.java +++ b/libs/entitlement/src/test/java/org/elasticsearch/entitlement/initialization/EntitlementInitializationTests.java @@ -26,7 +26,6 @@ import static org.hamcrest.Matchers.endsWith; import static org.hamcrest.Matchers.startsWith; -@ESTestCase.WithoutSecurityManager public class EntitlementInitializationTests extends ESTestCase { private static PathLookup TEST_PATH_LOOKUP; diff --git a/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/FileAccessTreeTests.java b/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/FileAccessTreeTests.java index faa6424eabfc0..4f927823ee6f5 100644 --- a/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/FileAccessTreeTests.java +++ b/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/FileAccessTreeTests.java @@ -37,7 +37,6 @@ import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.is; -@ESTestCase.WithoutSecurityManager public class FileAccessTreeTests extends ESTestCase { static Path root; diff --git a/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyManagerTests.java b/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyManagerTests.java index 4e8ac7c547984..9e551a9b45807 100644 --- a/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyManagerTests.java +++ b/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyManagerTests.java @@ -44,7 +44,6 @@ import static org.hamcrest.Matchers.is; import static org.hamcrest.Matchers.sameInstance; -@ESTestCase.WithoutSecurityManager public class PolicyManagerTests extends ESTestCase { /** diff --git a/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyParserTests.java b/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyParserTests.java index 8518b60f0ed01..6160a6199a8ac 100644 --- a/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyParserTests.java +++ b/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyParserTests.java @@ -33,7 +33,6 @@ import static org.hamcrest.Matchers.contains; import static org.hamcrest.Matchers.equalTo; -@ESTestCase.WithoutSecurityManager public class PolicyParserTests extends ESTestCase { public static String TEST_ABSOLUTE_PATH_TO_FILE; diff --git a/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyUtilsTests.java b/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyUtilsTests.java index 8ee0ce3736a8d..b19ccae8f53ec 100644 --- a/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyUtilsTests.java +++ b/libs/entitlement/src/test/java/org/elasticsearch/entitlement/runtime/policy/PolicyUtilsTests.java @@ -34,7 +34,6 @@ import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.nullValue; -@ESTestCase.WithoutSecurityManager public class PolicyUtilsTests extends ESTestCase { public void testCreatePluginPolicyWithPatch() { diff --git a/libs/native/src/test/java/org/elasticsearch/nativeaccess/ProcessLimitsTests.java b/libs/native/src/test/java/org/elasticsearch/nativeaccess/ProcessLimitsTests.java index 6ca9d8c7a6eec..3c40940b2ea61 100644 --- a/libs/native/src/test/java/org/elasticsearch/nativeaccess/ProcessLimitsTests.java +++ b/libs/native/src/test/java/org/elasticsearch/nativeaccess/ProcessLimitsTests.java @@ -20,7 +20,6 @@ import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.greaterThanOrEqualTo; -@ESTestCase.WithoutSecurityManager public class ProcessLimitsTests extends ESTestCase { private static final NativeAccess nativeAccess = NativeAccess.instance(); diff --git a/libs/native/src/test/java/org/elasticsearch/nativeaccess/SystemCallFilterTests.java b/libs/native/src/test/java/org/elasticsearch/nativeaccess/SystemCallFilterTests.java index d730c695c37d0..b6c4ccfaa885e 100644 --- a/libs/native/src/test/java/org/elasticsearch/nativeaccess/SystemCallFilterTests.java +++ b/libs/native/src/test/java/org/elasticsearch/nativeaccess/SystemCallFilterTests.java @@ -16,7 +16,6 @@ import static org.junit.Assert.fail; /** Simple tests system call filter is working. */ -@ESTestCase.WithoutSecurityManager public class SystemCallFilterTests extends ESTestCase { /** command to try to run in tests */ diff --git a/libs/native/src/test/java/org/elasticsearch/nativeaccess/VectorSystemPropertyTests.java b/libs/native/src/test/java/org/elasticsearch/nativeaccess/VectorSystemPropertyTests.java index 334069b4b554c..9d5f2ff53b745 100644 --- a/libs/native/src/test/java/org/elasticsearch/nativeaccess/VectorSystemPropertyTests.java +++ b/libs/native/src/test/java/org/elasticsearch/nativeaccess/VectorSystemPropertyTests.java @@ -12,7 +12,6 @@ import org.apache.lucene.util.Constants; import org.elasticsearch.core.SuppressForbidden; import org.elasticsearch.test.ESTestCase; -import org.elasticsearch.test.ESTestCase.WithoutSecurityManager; import org.elasticsearch.test.compiler.InMemoryJavaCompiler; import org.elasticsearch.test.jar.JarUtils; import org.junit.BeforeClass; @@ -28,7 +27,6 @@ import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.equalTo; -@WithoutSecurityManager public class VectorSystemPropertyTests extends ESTestCase { static Path jarPath; diff --git a/qa/evil-tests/src/test/java/org/elasticsearch/bootstrap/EvilBootstrapChecksTests.java b/qa/evil-tests/src/test/java/org/elasticsearch/bootstrap/EvilBootstrapChecksTests.java index e7eacca83d850..e85cbeb487d2b 100644 --- a/qa/evil-tests/src/test/java/org/elasticsearch/bootstrap/EvilBootstrapChecksTests.java +++ b/qa/evil-tests/src/test/java/org/elasticsearch/bootstrap/EvilBootstrapChecksTests.java @@ -14,7 +14,6 @@ import org.elasticsearch.core.SuppressForbidden; import org.elasticsearch.node.NodeValidationException; import org.elasticsearch.test.AbstractBootstrapCheckTestCase; -import org.elasticsearch.test.ESTestCase.WithoutSecurityManager; import org.hamcrest.Matcher; import org.junit.After; import org.junit.Before; @@ -31,7 +30,6 @@ import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoMoreInteractions; -@WithoutSecurityManager public class EvilBootstrapChecksTests extends AbstractBootstrapCheckTestCase { private String esEnforceBootstrapChecks = System.getProperty(ES_ENFORCE_BOOTSTRAP_CHECKS); diff --git a/server/src/test/java/org/elasticsearch/bootstrap/PluginsResolverTests.java b/server/src/test/java/org/elasticsearch/bootstrap/PluginsResolverTests.java index 798b576500d72..8b04252fa4c23 100644 --- a/server/src/test/java/org/elasticsearch/bootstrap/PluginsResolverTests.java +++ b/server/src/test/java/org/elasticsearch/bootstrap/PluginsResolverTests.java @@ -32,7 +32,6 @@ import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; -@ESTestCase.WithoutSecurityManager public class PluginsResolverTests extends ESTestCase { private record TestPluginLayer(PluginBundle pluginBundle, ClassLoader pluginClassLoader, ModuleLayer pluginModuleLayer) diff --git a/server/src/test/java/org/elasticsearch/common/file/MasterNodeFileWatchingServiceTests.java b/server/src/test/java/org/elasticsearch/common/file/MasterNodeFileWatchingServiceTests.java index e13b66c710c11..712287ee9af4c 100644 --- a/server/src/test/java/org/elasticsearch/common/file/MasterNodeFileWatchingServiceTests.java +++ b/server/src/test/java/org/elasticsearch/common/file/MasterNodeFileWatchingServiceTests.java @@ -39,7 +39,6 @@ import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; -@ESTestCase.WithoutSecurityManager public class MasterNodeFileWatchingServiceTests extends ESTestCase { static final DiscoveryNode localNode = DiscoveryNodeUtils.create("local-node"); diff --git a/server/src/test/java/org/elasticsearch/plugins/PluginsLoaderTests.java b/server/src/test/java/org/elasticsearch/plugins/PluginsLoaderTests.java index 8129f67947cf9..f17132a028391 100644 --- a/server/src/test/java/org/elasticsearch/plugins/PluginsLoaderTests.java +++ b/server/src/test/java/org/elasticsearch/plugins/PluginsLoaderTests.java @@ -39,7 +39,6 @@ import static org.hamcrest.Matchers.is; import static org.hamcrest.Matchers.not; -@ESTestCase.WithoutSecurityManager @LuceneTestCase.SuppressFileSystems(value = "ExtrasFS") public class PluginsLoaderTests extends ESTestCase { diff --git a/server/src/test/java/org/elasticsearch/plugins/UberModuleClassLoaderTests.java b/server/src/test/java/org/elasticsearch/plugins/UberModuleClassLoaderTests.java index 3e7f783779a51..e4c0c8ea1be80 100644 --- a/server/src/test/java/org/elasticsearch/plugins/UberModuleClassLoaderTests.java +++ b/server/src/test/java/org/elasticsearch/plugins/UberModuleClassLoaderTests.java @@ -40,7 +40,6 @@ import static org.hamcrest.Matchers.notNullValue; import static org.hamcrest.Matchers.nullValue; -@ESTestCase.WithoutSecurityManager public class UberModuleClassLoaderTests extends ESTestCase { private static final String MODULE_NAME = "synthetic"; diff --git a/server/src/test/java/org/elasticsearch/plugins/internal/ReloadAwarePluginTests.java b/server/src/test/java/org/elasticsearch/plugins/internal/ReloadAwarePluginTests.java index 96e45edb8e01e..c8378016857fe 100644 --- a/server/src/test/java/org/elasticsearch/plugins/internal/ReloadAwarePluginTests.java +++ b/server/src/test/java/org/elasticsearch/plugins/internal/ReloadAwarePluginTests.java @@ -22,7 +22,6 @@ import static org.hamcrest.Matchers.contains; import static org.hamcrest.Matchers.instanceOf; -@ESTestCase.WithoutSecurityManager public class ReloadAwarePluginTests extends ESTestCase { public void testNodeInitializesReloadingPlugin() throws Exception { diff --git a/test/framework/src/main/java/org/elasticsearch/bootstrap/BootstrapForTesting.java b/test/framework/src/main/java/org/elasticsearch/bootstrap/BootstrapForTesting.java index 0ef16e7e9f555..626ffa45b0f60 100644 --- a/test/framework/src/main/java/org/elasticsearch/bootstrap/BootstrapForTesting.java +++ b/test/framework/src/main/java/org/elasticsearch/bootstrap/BootstrapForTesting.java @@ -14,8 +14,6 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.apache.lucene.tests.util.LuceneTestCase; -import org.elasticsearch.common.Strings; -import org.elasticsearch.common.io.FileSystemUtils; import org.elasticsearch.common.network.IfConfig; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.set.Sets; @@ -23,27 +21,19 @@ import org.elasticsearch.core.PathUtils; import org.elasticsearch.core.SuppressForbidden; import org.elasticsearch.jdk.JarHell; -import org.elasticsearch.jdk.RuntimeVersionFeature; import org.elasticsearch.plugins.PluginDescriptor; -import org.elasticsearch.secure_sm.SecureSM; import org.elasticsearch.test.ESTestCase; import org.elasticsearch.test.PrivilegedOperations; import org.elasticsearch.test.mockito.SecureMockMaker; import org.junit.Assert; import java.io.Closeable; +import java.io.IOException; import java.io.InputStream; import java.lang.invoke.MethodHandles; -import java.net.SocketPermission; import java.net.URL; import java.nio.file.Files; import java.nio.file.Path; -import java.security.AccessController; -import java.security.Permission; -import java.security.Permissions; -import java.security.Policy; -import java.security.PrivilegedAction; -import java.security.ProtectionDomain; import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; @@ -56,10 +46,6 @@ import java.util.Set; import java.util.stream.Collectors; -import static com.carrotsearch.randomizedtesting.RandomizedTest.systemPropertyAsBoolean; -import static org.elasticsearch.bootstrap.ESPolicy.POLICY_RESOURCE; -import static org.elasticsearch.bootstrap.FilePermissionUtils.addDirectoryPath; - /** * Initializes natives and installs test security manager * (init'd early by base classes to ensure it happens regardless of which @@ -79,9 +65,10 @@ public class BootstrapForTesting { Path javaTmpDir = PathUtils.get( Objects.requireNonNull(System.getProperty("java.io.tmpdir"), "please set ${java.io.tmpdir} in pom.xml") ); + try { - Security.ensureDirectoryExists(javaTmpDir); - } catch (Exception e) { + Files.createDirectories(javaTmpDir); + } catch (IOException e) { throw new RuntimeException("unable to create test temp directory", e); } @@ -118,96 +105,6 @@ public class BootstrapForTesting { // Log ifconfig output before SecurityManager is installed IfConfig.logIfNecessary(); - - // install security manager if available and requested - if (RuntimeVersionFeature.isSecurityManagerAvailable() && systemPropertyAsBoolean("tests.security.manager", true)) { - try { - // initialize paths the same exact way as bootstrap - Permissions perms = new Permissions(); - Security.addClasspathPermissions(perms); - // java.io.tmpdir - FilePermissionUtils.addDirectoryPath(perms, "java.io.tmpdir", javaTmpDir, "read,readlink,write,delete", false); - // custom test config file - if (Strings.hasLength(System.getProperty("tests.config"))) { - FilePermissionUtils.addSingleFilePath(perms, PathUtils.get(System.getProperty("tests.config")), "read,readlink"); - } - // jacoco coverage output file - final boolean testsCoverage = Booleans.parseBoolean(System.getProperty("tests.coverage", "false")); - if (testsCoverage) { - Path coverageDir = PathUtils.get(System.getProperty("tests.coverage.dir")); - FilePermissionUtils.addSingleFilePath(perms, coverageDir.resolve("jacoco.exec"), "read,write"); - // in case we get fancy and use the -integration goals later: - FilePermissionUtils.addSingleFilePath(perms, coverageDir.resolve("jacoco-it.exec"), "read,write"); - } - // intellij hack: intellij test runner wants setIO and will - // screw up all test logging without it! - if (System.getProperty("tests.gradle") == null) { - perms.add(new RuntimePermission("setIO")); - } - - // add bind permissions for testing - // ephemeral ports (note, on java 7 before update 51, this is a different permission) - // this should really be the only one allowed for tests, otherwise they have race conditions - perms.add(new SocketPermission("localhost:0", "listen,resolve")); - // ... but tests are messy. like file permissions, just let them live in a fantasy for now. - // TODO: cut over all tests to bind to ephemeral ports - perms.add(new SocketPermission("localhost:1024-", "listen,resolve")); - - // read test-framework permissions - Map codebases = getCodebases(); - - final Policy testFramework = PolicyUtil.readPolicy(Elasticsearch.class.getResource("test-framework.policy"), codebases); - final Policy runnerPolicy; - if (System.getProperty("tests.gradle") != null) { - runnerPolicy = PolicyUtil.readPolicy(Elasticsearch.class.getResource("gradle.policy"), codebases); - } else if (codebases.containsKey("junit-rt.jar")) { - runnerPolicy = PolicyUtil.readPolicy(Elasticsearch.class.getResource("intellij.policy"), codebases); - } else { - runnerPolicy = PolicyUtil.readPolicy(Elasticsearch.class.getResource("eclipse.policy"), codebases); - } - // this mimicks the recursive data path permission added in Security.java - Permissions fastPathPermissions = new Permissions(); - addDirectoryPath(fastPathPermissions, "java.io.tmpdir-fastpath", javaTmpDir, "read,readlink,write,delete", true); - - final Policy esPolicy = new ESPolicy( - PolicyUtil.readPolicy(ESPolicy.class.getResource(POLICY_RESOURCE), codebases), - perms, - getPluginPermissions(), - true, - Security.toFilePermissions(fastPathPermissions), - Map.of() - ); - Policy.setPolicy(new Policy() { - @Override - public boolean implies(ProtectionDomain domain, Permission permission) { - // implements union - return esPolicy.implies(domain, permission) - || testFramework.implies(domain, permission) - || runnerPolicy.implies(domain, permission); - } - }); - Security.prepopulateSecurityCaller(); - Security.setSecurityManager(SecureSM.createTestSecureSM()); - Security.selfTest(); - - // guarantee plugin classes are initialized first, in case they have one-time hacks. - // this just makes unit testing more realistic - for (URL url : Collections.list( - BootstrapForTesting.class.getClassLoader().getResources(PluginDescriptor.INTERNAL_DESCRIPTOR_FILENAME) - )) { - Properties properties = new Properties(); - try (InputStream stream = FileSystemUtils.openFileURLStream(url)) { - properties.load(stream); - } - String clazz = properties.getProperty("classname"); - if (clazz != null) { - Class.forName(clazz); - } - } - } catch (Exception e) { - throw new RuntimeException("unable to install test security manager", e); - } - } } static Map getCodebases() { @@ -244,133 +141,6 @@ private static void addClassCodebase(Map codebases, String name, St } } - /** - * we don't know which codesources belong to which plugin, so just remove the permission from key codebases - * like core, test-framework, etc. this way tests fail if accesscontroller blocks are missing. - */ - @SuppressForbidden(reason = "accesses fully qualified URLs to configure security") - static Map getPluginPermissions() throws Exception { - List pluginPolicies = Collections.list( - BootstrapForTesting.class.getClassLoader().getResources(PluginDescriptor.ES_PLUGIN_POLICY) - ); - if (pluginPolicies.isEmpty()) { - return Collections.emptyMap(); - } - - // compute classpath minus obvious places, all other jars will get the permission. - Set codebases = new HashSet<>(parseClassPathWithSymlinks()); - Set excluded = new HashSet<>( - Arrays.asList( - // es core - Elasticsearch.class.getProtectionDomain().getCodeSource().getLocation(), - // es test framework - BootstrapForTesting.class.getProtectionDomain().getCodeSource().getLocation(), - // lucene test framework - LuceneTestCase.class.getProtectionDomain().getCodeSource().getLocation(), - // randomized runner - RandomizedRunner.class.getProtectionDomain().getCodeSource().getLocation(), - // junit library - Assert.class.getProtectionDomain().getCodeSource().getLocation() - ) - ); - codebases.removeAll(excluded); - final Map codebasesMap = PolicyUtil.getCodebaseJarMap(codebases); - - // parse each policy file, with codebase substitution from the classpath - final List policies = new ArrayList<>(pluginPolicies.size()); - for (URL policyFile : pluginPolicies) { - Map policyCodebases = codebasesMap; - - // if the codebases file is inside a jar, then we don't need to load it since the jar will - // have already been read from the classpath - if (policyFile.toString().contains(".jar!") == false) { - Path policyPath = PathUtils.get(policyFile.toURI()); - Path codebasesPath = policyPath.getParent().resolve("plugin-security.codebases"); - - if (Files.exists(codebasesPath)) { - // load codebase to class map used for tests - policyCodebases = new HashMap<>(codebasesMap); - Map codebasesProps = parsePropertiesFile(codebasesPath); - for (var entry : codebasesProps.entrySet()) { - addClassCodebase(policyCodebases, entry.getKey(), entry.getValue()); - } - } - } - - policies.add(PolicyUtil.readPolicy(policyFile, policyCodebases)); - } - - // consult each policy file for those codebases - Map map = new HashMap<>(); - for (URL url : codebases) { - map.put(url, new Policy() { - @Override - public boolean implies(ProtectionDomain domain, Permission permission) { - // implements union - for (Policy p : policies) { - if (p.implies(domain, permission)) { - return true; - } - } - return false; - } - }); - } - return Collections.unmodifiableMap(map); - } - - static Map parsePropertiesFile(Path propertiesFile) throws Exception { - Properties props = new Properties(); - try (InputStream is = Files.newInputStream(propertiesFile)) { - props.load(is); - } - return props.entrySet().stream().collect(Collectors.toMap(e -> e.getKey().toString(), e -> e.getValue().toString())); - } - - /** - * return parsed classpath, but with symlinks resolved to destination files for matching - * this is for matching the toRealPath() in the code where we have a proper plugin structure - */ - @SuppressForbidden(reason = "does evil stuff with paths and urls because devs and jenkins do evil stuff with paths and urls") - static Set parseClassPathWithSymlinks() throws Exception { - Set raw = JarHell.parseClassPath(); - Set cooked = Sets.newHashSetWithExpectedSize(raw.size()); - for (URL url : raw) { - Path path = PathUtils.get(url.toURI()); - if (Files.exists(path)) { - boolean added = cooked.add(path.toRealPath().toUri().toURL()); - if (added == false) { - throw new IllegalStateException("Duplicate in classpath after resolving symlinks: " + url); - } - } - } - return raw; - } - // does nothing, just easy way to make sure the class is loaded. public static void ensureInitialized() {} - - /** - * Temporarily dsiables security manager for a test. - * - *

This method is only callable by {@link org.elasticsearch.test.ESTestCase}. - * - * @return A closeable object which restores the test security manager - */ - @SuppressWarnings("removal") - public static Closeable disableTestSecurityManager() { - var caller = Thread.currentThread().getStackTrace()[2]; - if (ESTestCase.class.getName().equals(caller.getClassName()) == false) { - throw new SecurityException("Cannot disable test SecurityManager directly. Use @NoSecurityManager to disable on a test suite"); - } - final var sm = System.getSecurityManager(); - AccessController.doPrivileged((PrivilegedAction) () -> { - Security.setSecurityManager(null); - return null; - }); - return () -> AccessController.doPrivileged((PrivilegedAction) () -> { - Security.setSecurityManager(sm); - return null; - }); - } } diff --git a/test/framework/src/main/java/org/elasticsearch/cli/CommandTestCase.java b/test/framework/src/main/java/org/elasticsearch/cli/CommandTestCase.java index 406454bf72dd8..1b5b28e47f1a3 100644 --- a/test/framework/src/main/java/org/elasticsearch/cli/CommandTestCase.java +++ b/test/framework/src/main/java/org/elasticsearch/cli/CommandTestCase.java @@ -25,7 +25,6 @@ /** * A base test case for cli tools. */ -@ESTestCase.WithoutSecurityManager public abstract class CommandTestCase extends ESTestCase { /** The terminal that execute uses */ diff --git a/test/framework/src/main/java/org/elasticsearch/test/ESTestCase.java b/test/framework/src/main/java/org/elasticsearch/test/ESTestCase.java index fa77aebb80b53..196ca48956c4d 100644 --- a/test/framework/src/main/java/org/elasticsearch/test/ESTestCase.java +++ b/test/framework/src/main/java/org/elasticsearch/test/ESTestCase.java @@ -120,7 +120,6 @@ import org.elasticsearch.index.analysis.TokenizerFactory; import org.elasticsearch.indices.IndicesModule; import org.elasticsearch.indices.analysis.AnalysisModule; -import org.elasticsearch.jdk.RuntimeVersionFeature; import org.elasticsearch.logging.internal.spi.LoggerFactory; import org.elasticsearch.plugins.AnalysisPlugin; import org.elasticsearch.plugins.Plugin; @@ -158,14 +157,8 @@ import org.junit.internal.AssumptionViolatedException; import org.junit.rules.RuleChain; -import java.io.Closeable; import java.io.IOException; import java.io.InputStream; -import java.lang.annotation.ElementType; -import java.lang.annotation.Inherited; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; import java.lang.invoke.MethodHandles; import java.math.BigInteger; import java.net.InetAddress; @@ -494,36 +487,6 @@ protected void afterIfFailed(List errors) {} /** called after a test is finished, but only if successful */ protected void afterIfSuccessful() throws Exception {} - /** - * Marks a test suite or a test method that should run without security manager enabled. - */ - @Retention(RetentionPolicy.RUNTIME) - @Target({ ElementType.TYPE }) - @Inherited - public @interface WithoutSecurityManager { - } - - private static Closeable securityManagerRestorer; - - // disable security manager if test is annotated to run without it - - @BeforeClass - public static void maybeStashClassSecurityManager() { - if (RuntimeVersionFeature.isSecurityManagerAvailable()) { - if (getTestClass().isAnnotationPresent(WithoutSecurityManager.class)) { - securityManagerRestorer = BootstrapForTesting.disableTestSecurityManager(); - } - } - } - - @AfterClass - public static void maybeRestoreClassSecurityManager() throws IOException { - if (securityManagerRestorer != null) { - securityManagerRestorer.close(); - securityManagerRestorer = null; - } - } - // setup mock filesystems for this test run. we change PathUtils // so that all accesses are plumbed thru any mock wrappers From f38028296e60575f5580c20a753ec5c4d35cca7e Mon Sep 17 00:00:00 2001 From: elasticsearchmachine Date: Sat, 19 Apr 2025 02:38:25 +0000 Subject: [PATCH 2/2] [CI] Auto commit changes from spotless --- .../bootstrap/BootstrapForTesting.java | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/test/framework/src/main/java/org/elasticsearch/bootstrap/BootstrapForTesting.java b/test/framework/src/main/java/org/elasticsearch/bootstrap/BootstrapForTesting.java index 626ffa45b0f60..09735ad0c3d5c 100644 --- a/test/framework/src/main/java/org/elasticsearch/bootstrap/BootstrapForTesting.java +++ b/test/framework/src/main/java/org/elasticsearch/bootstrap/BootstrapForTesting.java @@ -9,42 +9,23 @@ package org.elasticsearch.bootstrap; -import com.carrotsearch.randomizedtesting.RandomizedRunner; - import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.apache.lucene.tests.util.LuceneTestCase; import org.elasticsearch.common.network.IfConfig; import org.elasticsearch.common.settings.Settings; -import org.elasticsearch.common.util.set.Sets; import org.elasticsearch.core.Booleans; import org.elasticsearch.core.PathUtils; -import org.elasticsearch.core.SuppressForbidden; import org.elasticsearch.jdk.JarHell; -import org.elasticsearch.plugins.PluginDescriptor; -import org.elasticsearch.test.ESTestCase; import org.elasticsearch.test.PrivilegedOperations; import org.elasticsearch.test.mockito.SecureMockMaker; -import org.junit.Assert; -import java.io.Closeable; import java.io.IOException; -import java.io.InputStream; import java.lang.invoke.MethodHandles; import java.net.URL; import java.nio.file.Files; import java.nio.file.Path; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collections; -import java.util.HashMap; -import java.util.HashSet; -import java.util.List; import java.util.Map; import java.util.Objects; -import java.util.Properties; -import java.util.Set; -import java.util.stream.Collectors; /** * Initializes natives and installs test security manager