Please disregard my previous post. I understand these are actual error messages,
not the errors of handling Admin UI.
I think this server is being attacked using the vulnerability described here
https://www.tenable.com/blog/cve-2019-17558-apache-solr-vulnerable-to-remote-code-execution-zero-day-vulnerability
Fortunately the attack isn't succeeding because of SOLR-13971 fix, and instead
it is causing these errors. I'll fortify the Solr access.
On 1/7/21 11:02 AM, TK Solr wrote:
On the Admin UI's login screen, when the Logging tab is clicked, I see lines
like:
Time(Local) Level Core Logger Message
1/7/2021 ERROR x:mycore loader ResourceManager:
unable to find resource 'custom.vm' in any resource loader.
8:41:46 AM false
1/7/2021 ERROR x:mycore HttpSolrCall
null:java.io.IOException: Unable to find resource 'custom.vm'
8:41:46 AM false
If I click on the info icon (circled "i"), this is displayed.
null:java.io.IOException: Unable to find resource 'custom.vm'
at
org.apache.solr.response.VelocityResponseWriter.getTemplate(VelocityResponseWriter.java:374)
at
org.apache.solr.response.VelocityResponseWriter.write(VelocityResponseWriter.java:152)
at
org.apache.solr.response.QueryResponseWriterUtil.writeQueryResponse(QueryResponseWriterUtil.java:65)
at org.apache.solr.servlet.HttpSolrCall.writeResponse(HttpSolrCall.java:892)
at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:594)
at
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:419)
at
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:351)
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)
...
Are these errors from the Admin UI code itself? Does the Admin UI use
Velocity? (I thought it might be a library path issue but I don't see
'custom.vm' anywhere in the Solr source code.)
What does "x:" prefix to the core name mean?
What does "false" under the log level mean?
The Solr I'm using is 8.3.1 using openJDK 11 on Ubuntu 18.04.3.
TK
