[Elasticsearch] Java Security Manager 관련

분류 전체보기 (1583)

Elastic (498)

Cloud&Container (30)

ITWeb (799)

Legacy (255)

01-05 01:33

Links
Henry's Linkedin.
Elasticsearch Facebook User Gr….
Elasticsearch Blog.
Elasticsearch Resiliency Statu….
Elasticsearch Issues.
Kibana.
Logstash.
Logstash Plugins.
Elasticsearch: The Definitive ….
Elasticsearch Reference.
Elastic Discuss.
Elasticsearch Presentations.
Elastic Support Matrix.

Elastic/Elasticsearch 2017. 12. 18. 15:45

elasticsearch plugin 을 만들다 보면 보안정책 강화에 따라 permission 에러가 발생 하는 경우가 있습니다.

이럴 경우 아래 내용을 통해서 문제를 해결해 보시기 바랍니다.

[Elasticsearch Java Security Manager]

$ export JAVA_OPTS="${JAVA_OPTS} -Djava.security.policy=file:///path/to/my.policy` ./bin/elasticsearch

# or config/jvm.options

$ vi config/jvm.options

-Djava.security.policy=file:///path/to/my.policy

$ export JAVA_OPTS="${JAVA_OPTS} -Dsecurity.manager.enabled=false` ./bin/elasticsearch

# or config/jvm.options

$ vi config/jvm.options

-Dsecurity.manager.enabled=false

Example) my.policy

grant {

permission org.elasticsearch.script.ClassPermission "java.util.Base64"; // allow class

permission org.elasticsearch.script.ClassPermission "java.util.*"; // allow package

permission org.elasticsearch.script.ClassPermission "*"; // allow all (disables filtering basically)

permission java.io.FilePermission "$ES_HOME/config/resource/*", "read"; // allow all files

};

Example) plugin-metadata/plugin-security.policy (recommended)

jjeong