[#SFOS-1171] RMI security problems on Java6 with Hadoop

SmartFrog

RMI security problems on Java6 with Hadoop

Created: 01/Apr/09 05:25 PM (BST) Updated: 06/May/09 05:06 PM (BST)

Component/s:

.sfCore, _service_hadoop

Affects Version/s:

3.16.004, 3.17.010

Fix Version/s:

3.17.010

Time Tracking:

Not Specified

File Attachments:

SFOS-1171.patch (8 kB)

Environment:

Linux running Java6

Issue Links:

Depends

This issue is depended on by:

~~SFOS-1166~~ Move the codebase to Java6

caused

This issue caused:

SFOS-1162 Hadoop JSP pages not working

~~SFOS-1154~~ security exception in management console

~~SFOS-1172~~ Security stack trace when trying to run Hadoop's JSP pages on the RPM installation

Compatibility:

unknown

Description

« Hide

I've been dealing with stack trace problems with security turned on, that I've assumed have been related to my work. But it could be that it is related to Java6 RMI.

First, a stack trace

[sf-system-test-junit] Testcase: testSecurityForked took 5.58 sec
[sf-system-test-junit] Caused an ERROR
[sf-system-test-junit] java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object
[sf-system-test-junit] SmartFrogException:: java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object, SmartFrog 3.17.007dev (2009-04-01 15:28:11 BST)
[sf-system-test-junit] at org.smartfrog.sfcore.common.SmartFrogException.forward(SmartFrogException.java:92)
[sf-system-test-junit] at org.smartfrog.sfcore.common.ActionDeploy.Deploy(ActionDeploy.java:192)
[sf-system-test-junit] at org.smartfrog.sfcore.common.ActionDeploy.doDeploy(ActionDeploy.java:297)
[sf-system-test-junit] at org.smartfrog.sfcore.common.ActionDeploy.execute(ActionDeploy.java:272)
[sf-system-test-junit] at org.smartfrog.sfcore.common.ConfigurationAction.execute(ConfigurationAction.java:113)
[sf-system-test-junit] at org.smartfrog.sfcore.common.ConfigurationDescriptor.execute(ConfigurationDescriptor.java:1076)
[sf-system-test-junit] at org.smartfrog.SFSystem.runConfigurationDescriptor(SFSystem.java:367)
[sf-system-test-junit] at org.smartfrog.test.DeployingTestBase$ApplicationLoaderThread.execute(DeployingTestBase.java:215)
[sf-system-test-junit] at org.smartfrog.sfcore.utils.SmartFrogThread.run(SmartFrogThread.java:279)
[sf-system-test-junit] Caused by: java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object
[sf-system-test-junit] at java.security.Permissions.add(Permissions.java:110)
[sf-system-test-junit] at java.security.Policy$UnsupportedEmptyCollection.add(Policy.java:790)
[sf-system-test-junit] at sun.rmi.server.LoaderHandler.getLoaderAccessControlContext(LoaderHandler.java:985)
[sf-system-test-junit] at sun.rmi.server.LoaderHandler.lookupLoader(LoaderHandler.java:861)
[sf-system-test-junit] at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:385)
[sf-system-test-junit] at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:165)
[sf-system-test-junit] at java.rmi.server.RMIClassLoader$2.loadClass(RMIClassLoader.java:620)
[sf-system-test-junit] at org.smartfrog.sfcore.security.SFRMIClassLoaderSpi.loadClass(SFRMIClassLoaderSpi.java:90)
[sf-system-test-junit] at java.rmi.server.RMIClassLoader.loadClass(RMIClassLoader.java:247)
[sf-system-test-junit] at sun.rmi.server.MarshalInputStream.resolveClass(MarshalInputStream.java:197)
[sf-system-test-junit] at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1575)
[sf-system-test-junit] at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1496)
[sf-system-test-junit] at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1732)
[sf-system-test-junit] at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1329)
[sf-system-test-junit] at java.io.ObjectInputStream.readObject(ObjectInputStream.java:351)
[sf-system-test-junit] at sun.rmi.server.UnicastRef.unmarshalValue(UnicastRef.java:306)
[sf-system-test-junit] at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:290)
[sf-system-test-junit] at sun.rmi.transport.Transport$1.run(Transport.java:159)
[sf-system-test-junit] at sun.rmi.transport.Transport.serviceCall(Transport.java:155)
[sf-system-test-junit] at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535)
[sf-system-test-junit] at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790)
[sf-system-test-junit] at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649)
[sf-system-test-junit] at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885)
[sf-system-test-junit] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907)
[sf-system-test-junit] at java.lang.Thread.run(Thread.java:619)
[sf-system-test-junit] at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255)
[sf-system-test-junit] at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233)
[sf-system-test-junit] at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:142)
[sf-system-test-junit] at org.smartfrog.sfcore.processcompound.ProcessCompoundImpl_Stub.sfDeployComponentDescription(Unknown Source)
[sf-system-test-junit] at org.smartfrog.sfcore.common.ActionDeploy.Deploy(ActionDeploy.java:155)
[sf-system-test-junit] TEST org.smartfrog.services.hadoop.test.system.local.cluster.SecurityExitBlockingTest FAILED
[sf-system-test-junit] Testsuite: org.smartfrog.services.hadoop.test.system.local.clusterconf.ClusterconfTest

Description

I've been dealing with stack trace problems with security turned on, that I've assumed have been related to my work. But it could be that it is related to Java6 RMI. First, a stack trace [sf-system-test-junit] Testcase: testSecurityForked took 5.58 sec [sf-system-test-junit] Caused an ERROR [sf-system-test-junit] java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object [sf-system-test-junit] SmartFrogException:: java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object, SmartFrog 3.17.007dev (2009-04-01 15:28:11 BST) [sf-system-test-junit] at org.smartfrog.sfcore.common.SmartFrogException.forward(SmartFrogException.java:92) [sf-system-test-junit] at org.smartfrog.sfcore.common.ActionDeploy.Deploy(ActionDeploy.java:192) [sf-system-test-junit] at org.smartfrog.sfcore.common.ActionDeploy.doDeploy(ActionDeploy.java:297) [sf-system-test-junit] at org.smartfrog.sfcore.common.ActionDeploy.execute(ActionDeploy.java:272) [sf-system-test-junit] at org.smartfrog.sfcore.common.ConfigurationAction.execute(ConfigurationAction.java:113) [sf-system-test-junit] at org.smartfrog.sfcore.common.ConfigurationDescriptor.execute(ConfigurationDescriptor.java:1076) [sf-system-test-junit] at org.smartfrog.SFSystem.runConfigurationDescriptor(SFSystem.java:367) [sf-system-test-junit] at org.smartfrog.test.DeployingTestBase$ApplicationLoaderThread.execute(DeployingTestBase.java:215) [sf-system-test-junit] at org.smartfrog.sfcore.utils.SmartFrogThread.run(SmartFrogThread.java:279) [sf-system-test-junit] Caused by: java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object [sf-system-test-junit] at java.security.Permissions.add(Permissions.java:110) [sf-system-test-junit] at java.security.Policy$UnsupportedEmptyCollection.add(Policy.java:790) [sf-system-test-junit] at sun.rmi.server.LoaderHandler.getLoaderAccessControlContext(LoaderHandler.java:985) [sf-system-test-junit] at sun.rmi.server.LoaderHandler.lookupLoader(LoaderHandler.java:861) [sf-system-test-junit] at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:385) [sf-system-test-junit] at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:165) [sf-system-test-junit] at java.rmi.server.RMIClassLoader$2.loadClass(RMIClassLoader.java:620) [sf-system-test-junit] at org.smartfrog.sfcore.security.SFRMIClassLoaderSpi.loadClass(SFRMIClassLoaderSpi.java:90) [sf-system-test-junit] at java.rmi.server.RMIClassLoader.loadClass(RMIClassLoader.java:247) [sf-system-test-junit] at sun.rmi.server.MarshalInputStream.resolveClass(MarshalInputStream.java:197) [sf-system-test-junit] at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1575) [sf-system-test-junit] at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1496) [sf-system-test-junit] at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1732) [sf-system-test-junit] at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1329) [sf-system-test-junit] at java.io.ObjectInputStream.readObject(ObjectInputStream.java:351) [sf-system-test-junit] at sun.rmi.server.UnicastRef.unmarshalValue(UnicastRef.java:306) [sf-system-test-junit] at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:290) [sf-system-test-junit] at sun.rmi.transport.Transport$1.run(Transport.java:159) [sf-system-test-junit] at sun.rmi.transport.Transport.serviceCall(Transport.java:155) [sf-system-test-junit] at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535) [sf-system-test-junit] at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790) [sf-system-test-junit] at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649) [sf-system-test-junit] at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885) [sf-system-test-junit] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907) [sf-system-test-junit] at java.lang.Thread.run(Thread.java:619) [sf-system-test-junit] at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255) [sf-system-test-junit] at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233) [sf-system-test-junit] at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:142) [sf-system-test-junit] at org.smartfrog.sfcore.processcompound.ProcessCompoundImpl_Stub.sfDeployComponentDescription(Unknown Source) [sf-system-test-junit] at org.smartfrog.sfcore.common.ActionDeploy.Deploy(ActionDeploy.java:155) [sf-system-test-junit] TEST org.smartfrog.services.hadoop.test.system.local.cluster.SecurityExitBlockingTest FAILED [sf-system-test-junit] Testsuite: org.smartfrog.services.hadoop.test.system.local.clusterconf.ClusterconfTest

Show »

All

Comments

Work Log

Change History

Sort Order:

[ Permlink | « Hide ]

Steve Loughran added a comment - 01/Apr/09 05:30 PM (BST)

searching for the string "sun.rmi.server.LoaderHandler.getLoaderAccessControlContext(" throws up this email, which implies that the java6 permissions API returns an immutable datastructure, which can break older code.

http://mail-archives.apache.org/mod_mbox/incubator-river-user/200810.mbox/%3C20081015181649.GB4649@east%3E

This is also what has surfaced in ~~SFOS-1154~~

[ Permlink | « Hide ]

Steve Loughran added a comment - 01/Apr/09 05:45 PM (BST)

Links to others with the same problem

1. This could be the same Jasper one we are seeing in hadoop
https://issues.apache.org/bugzilla/show_bug.cgi?id=41509

2. Discussion from Sun about how java6 changed part of the classloaders to return an immutable collection
http://mail-archives.apache.org/mod_mbox/incubator-river-user/200810.mbox/%3C20081015181649.GB4649@east%3E

[ Permlink | « Hide ]

Steve Loughran added a comment - 03/Apr/09 01:16 PM (BST)

Here is the patch to SmartFrogTask and common.xml to allow a security manager to be chosen, this lets you find these problems early. I havent checked them in as it would be rude to break everything before I go away. Others may play with it though

[ Permlink | « Hide ]

Steve Loughran added a comment - 24/Apr/09 06:27 PM (BST)

plan to extend the security manager check component with something that can check that the current permissions manager is working, and if not print out its classname for better diagnostics

[ Permlink | « Hide ]

Steve Loughran added a comment - 24/Apr/09 06:35 PM (BST)

see also HADOOP-5740 - https://issues.apache.org/jira/browse/HADOOP-5740 - this is the cause of the problem

[ Permlink | « Hide ]

Steve Loughran added a comment - 29/Apr/09 03:31 PM (BST)

With the latest hadoop commit this is *probably* fixed. only one way to know though: tests!

[ Permlink | « Hide ]

Steve Loughran added a comment - 05/May/09 01:48 PM (BST)

correction -even with HADOOP-5740 patched, you can't run with a security manager. Hence ~~SFOS-1187~~, to give control of the chosen security manager on RPM installations.

[ Permlink | « Hide ]

Steve Loughran added a comment - 06/May/09 05:06 PM (BST)

Closing as fixed for now, though Hadoop wont work under SmartFrog with the security manager live. Creating a new report for that.