Closed luk-kaminski closed 10 months ago
I can't reproduce the problem, but I do see a different error:
2023-06-16 09:32:04,400 INFO : org.graylog.datanode.management.OpensearchProcessImpl - [2023-06-16T09:32:04,399][INFO ][o.o.n.Node ] [node1] version[2.5.0], pid[13068], build[tar/b8a8b6c4d7fc7a7e32eb2cb68ecad8057a4636ad/2023-01-18T23:48:48.981786100Z], OS[Linux/5.15.0-73-generic/amd64], JVM[Eclipse Adoptium/OpenJDK 64-Bit Server VM/17.0.5/17.0.5+8]
2023-06-16 09:32:04,412 INFO : org.graylog.datanode.management.OpensearchProcessImpl - 2023-06-16 09:32:04,410 main ERROR Could not define attribute view on path "/home/tomas/projects/graylog-project-repos/graylog2-server/data-node/bin/config/node1/datanode-cluster_server.json" got access denied ("java.lang.RuntimePermission" "accessUserInformation") java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessUserInformation")
2023-06-16 09:32:04,412 INFO : org.graylog.datanode.management.OpensearchProcessImpl - at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:485)
2023-06-16 09:32:04,412 INFO : org.graylog.datanode.management.OpensearchProcessImpl - at java.base/java.security.AccessController.checkPermission(AccessController.java:1068)
2023-06-16 09:32:04,412 INFO : org.graylog.datanode.management.OpensearchProcessImpl - at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:416)
2023-06-16 09:32:04,412 INFO : org.graylog.datanode.management.OpensearchProcessImpl - at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.checkWriteExtended(UnixFileAttributeViews.java:195)
2023-06-16 09:32:04,413 INFO : org.graylog.datanode.management.OpensearchProcessImpl - at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.setMode(UnixFileAttributeViews.java:264)
2023-06-16 09:32:04,413 INFO : org.graylog.datanode.management.OpensearchProcessImpl - at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.setPermissions(UnixFileAttributeViews.java:299)
2023-06-16 09:32:04,413 INFO : org.graylog.datanode.management.OpensearchProcessImpl - at org.apache.logging.log4j.core.util.FileUtils.defineFilePosixAttributeView(FileUtils.java:177)
What's the latest state for you, @luk-kaminski?
Hi @todvora ,
Yes, it is now exactly as you say. I do not see the old errors any more.
@todvora: Can you please check if your error still exists and close the issue if not?
@dennisoelkers I still see the same error (=warning), we should find the source of the problem and fix it.
I experimented with the problem for a while and now I can't reproduce it anymore. Will investigate later when the problem appears again.
But the idea is that Opensearch uses a SecurityManager, which then controls the access to the log files. So we should allow it to adapt permissions on the log files via a security policy.
Expected Behavior
There are no file permission warnings on data-node startup.
Current Behavior
There are a lot of file permission warnings on data-node startup:
Possible Solution
Steps to Reproduce (for bugs)