[
https://issues.apache.org/jira/browse/KARAF-7111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17335494#comment-17335494
]
Wael Megdich commented on KARAF-7111:
-------------------------------------
Dear [~jbonofre]
I did some investigations from my side and I would like to share the result
with you:
* The error occurs when calling log:dispaly and log:tail commands
!image-2021-04-29-14-33-22-207.png|width=958,height=309!
* Due to the change https://issues.apache.org/jira/browse/KARAF-4609 ; the
pervious operation requires the access to environment variables. Thus, the
permission ("java.lang.RuntimePermission"
"getenv.ORG_OPS4J_PAX_LOGGING_COLOR_DEBUG") is required.
* Using java debugger, I noticed that the AccessController denies the
execution of the operation. In fact, a specific protection domain does not
allow this operation
* This ProtectionDomain belongs to "org.apache.felix.configadmin" and it does
not allow the execution of the operation due to restricted permissions.
* When checking the permission.info of this bundle I noticed that this is the
expected behavior because this file does not allow ay permission of type
RuntimePermission see:
[https://github.com/apache/felix-dev/blob/master/configadmin/src/main/resources/OSGI-INF/permissions.perm]
Basing on that, I estimate that these errors are caused by a regression after
the change https://issues.apache.org/jira/browse/KARAF-4609.
Could you please have a look on this analysis and confirm if it is correct ?
If it is the case, is there any way to change the content of Karaf log feature
to use another version of the bundle "org.apache.karaf.log.core" (downgrade it).
Thank you in advance.
Best Regards.
> Karaf 4.3.1 Display Errors When Framework Security is enabled
> -------------------------------------------------------------
>
> Key: KARAF-7111
> URL: https://issues.apache.org/jira/browse/KARAF-7111
> Project: Karaf
> Issue Type: Bug
> Components: karaf
> Affects Versions: 4.3.1
> Reporter: Wael Megdich
> Assignee: Jean-Baptiste Onofré
> Priority: Major
> Attachments: image-2021-04-29-09-41-59-693.png,
> image-2021-04-29-14-33-22-207.png
>
>
> Dears,
>
> When enabling Karaf framework-security some errors will be displayed in the
> container log.
> Configuration:
> * Java Version: 11
> * Karaf Version: 4.3.1
> * etc/system.properties is configured as follows:
> _java.security.policy==*${karaf.etc}/all.policy*_
> _org.osgi.framework.security=osgi_
>
> When using Felix as OSGI framework I get this error:
> _*ERROR* [FelixStartLevel] Unexpected problem calling configuration plugin
> [org.osgi.service.cm.ConfigurationPlugin, id=31,
> bundle=26/mvn:org.apache.karaf.config/org.apache.karaf.config.core/4.3.1]_
> _java.security.AccessControlException: access denied
> ("java.lang.RuntimePermission"
> "getenv.ORG_APACHE_KARAF_COMMAND_ACL_SHELL_EXEC")_
>
> When switching to Equinox, I get this one:
> _*ERROR* [pipe-log:tail] Unexpected problem calling configuration plugin
> [org.osgi.service.cm.ConfigurationPlugin, id=108,
> bundle=26/mvn:org.apache.karaf.config/org.apache.karaf.config.core/4.3.1]_
> _java.security.AccessControlException: access denied
> ("java.lang.RuntimePermission" "getenv.ORG_OPS4J_PAX_LOGGING_COLOR_DEBUG")_
>
> Please note that such configuration is working with Karaf 4.1.0 and I get
> this error when upgrading to Java 11 and Karaf 4.3.1
>
> Do you have any idea about the origin of the issue ?
>
> Thank you in advance.
> Best Regards.
>
> Wael
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
