Open
Description
Describe the bug
the logs rolling triggered AccessControlException :
ERROR StatusConsoleListener Could not define attribute view on path "/opt/workspace/apps/packages/opensearch/opensearch-2.19.1/logs/test-os.log" got access denied ("java.lang.RuntimePermission" "accessUserInformation")
java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessUserInformation")
at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:488)
at java.base/java.security.AccessController.checkPermission(AccessController.java:1071)
at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:411)
at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.checkWriteExtended(UnixFileAttributeViews.java:195)
at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.setMode(UnixFileAttributeViews.java:264)
at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.setPermissions(UnixFileAttributeViews.java:299)
at org.apache.logging.log4j.core.util.FileUtils.defineFilePosixAttributeView(FileUtils.java:181)
at org.apache.logging.log4j.core.appender.FileManager.defineAttributeView(FileManager.java:216)
at org.apache.logging.log4j.core.appender.FileManager.createOutputStream(FileManager.java:203)
....
....
ERROR StatusConsoleListener Could not define attribute view on path "/opt/workspace/apps/packages/opensearch/opensearch-2.19.1/logs/test-os_server.json" got access denied ("java.lang.RuntimePermission" "accessUserInformation")
java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessUserInformation")
at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:488)
at java.base/java.security.AccessController.checkPermission(AccessController.java:1071)
at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:411)
at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.checkWriteExtended(UnixFileAttributeViews.java:195)
at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.setMode(UnixFileAttributeViews.java:264)
at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.setPermissions(UnixFileAttributeViews.java:299)
at org.apache.logging.log4j.core.util.FileUtils.defineFilePosixAttributeView(FileUtils.java:181)
at org.apache.logging.log4j.core.appender.FileManager.defineAttributeView(FileManager.java:216)
at org.apache.logging.log4j.core.appender.FileManager.createOutputStream(FileManager.java:203)
at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.createFileAfterRollover(RollingFileManager.java:421)
at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.rollover(RollingFileManager.java:398)
and the files permissions are not rw-r-----
log files permissions:
Related component
No response
To Reproduce
- download 2.19.1 tarball
- install single node
to quickstart, disable the securityplugins.security.disabled: true - to trigger error ,modify log4j rolling size in configuration file config/log4j2.properties
setappender.rolling.policies.size.sizewith value1k######## Server JSON ############################ ... #appender.rolling.policies.size.size = 128M appender.rolling.policies.size.size = 1k ... ################################################ ######## Server - old style pattern ########### ... #appender.rolling.policies.size.size = 128M appender.rolling.policies.size.size = 1k ... - start the server ,then will print the exception
./bin/opensearch
Expected behavior
- no exception
- right file access permissions
rw-r-----
Additional Details
Plugins
Please list all plugins currently enabled.
Screenshots
If applicable, add screenshots to help explain your problem.
Host/Environment (please complete the following information):
- OS: Ubuntu 24.04.2 LTS
- Version 24
Additional context
Add any other context about the problem here.