After following these instructions meticulously: How To Install Elasticsearch, Logstash, and Kibana (Elastic Stack) on Ubuntu 20.04
And then enabling TLS and setting up user permissions here: Detections prerequisites and requirements
We repeatedly run into a permissions issue when trying to start the elasticsearch service:
./elasticsearch-env: line 81: /etc/default/elasticsearch: Permission denied
After doing an ls -l on the directory, all files are owned by the elasticsearch user created during setup, which seems correct. It appears since I am trying to start the service as my personal or sudo user it denies me. We're experimented with doing a chown -r
on the directory to one of our personal users and we get past the error, but run into another down the line where the startup of the service calls another directory which is also owned by the same elasticsearch user.
It doesn't seem right to have to change permissions on these startup files for the service, could it be that we're attempting to run the service in an incorrect way? Hoping to get some insight or advice on this, we've done the setup several times now to make sure we follow the installer directions correctly and are still running into the exact same thing every time, TIA.