While trying to use jmxtrans-agent for Elasticsearch it seems that they enforce usage of the Java Security Manager so I had to create a short policy for jmxtrans-agent to work under Elasticsearch.
It would be nice if this is something that jmxtrans-agent could provide for it self. If I've understood it correctly you can provide it but you don't have to turn it on by default (but you can) so everything should work normally for everyone except for those who want to use the SM.
Naturally all tests must also be run with the SM disabled and enabled to catch any policy violations.
Here is my very basic one which allows JMX and connecting to Graphite:
Hey!
While trying to use jmxtrans-agent for Elasticsearch it seems that they enforce usage of the Java Security Manager so I had to create a short policy for jmxtrans-agent to work under Elasticsearch.
It would be nice if this is something that jmxtrans-agent could provide for it self. If I've understood it correctly you can provide it but you don't have to turn it on by default (but you can) so everything should work normally for everyone except for those who want to use the SM.
Naturally all tests must also be run with the SM disabled and enabled to catch any policy violations.
Here is my very basic one which allows JMX and connecting to Graphite:
Here are some docs on SM and the policy files but I'm sure you can find better tutorials out there: https://docs.oracle.com/javase/8/docs/api/index.html?java/lang/SecurityManager.html https://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.html