I installed Elasticsearch on CentOS using the rpm file. After install, an elasticsearch user and group are created, a user which can't be used to manage (start/stop/restart) elasticsearch (nologin, nonexistent). I don't want to manage elasticsearch with the root user. Should I create a new user for that or modify the elasticsearch user? What would be the best approach?
Hi @lucian1094 Welcome to the community...
No, do not create another user.
When you install elastic with an .rpm and start elasticsearch with `sudo systemctl` it will run as the non-root user `elastic` ... exactly as designed.
The `systemctl` command is run as `sudo` BUT elasticsearch is executed / launched under the less privileged `elastic` user ... exactly as designed.
Elasticsearch will not run as `root` as designed... following the existing docs / procedure is best practice and is used by 1000s of users to run elasticsearch securely and as best practice.
If you want to run systemctl without sudo... that is a linux question best addressed by your linux admin...
Thank you Stephen for your answer and for your time. My bad, I didn't start the cluster because I didn't finish the settings, now I can see the elastic user. So, I think, is it enough to add the elastic user to the sudoers file and then use it to start/stop elasticsearch, edit configuration files, etc.?
Yes... it sounds like you are your own Linux admin, so you understand the options / risks etc.
As already said, there is no need for that. Also, the elasticsearch user is a nologin user, so it makes no sense for it to be in sudoers.
You just need to use a normal user with sudo privileges to start/stop the elasticsearch service.
How did you install elasticsearch? How do you connect to your server?
You should have a normal user and use `sudo` to perform privileged operations, use this same user to start and stop elasticsearch with `sudo systemctl start elasticsearch` and `sudo systemctl stop elasticsearch`.
I was thinking to add the elastic user, not the elasticsearch user. For now I am just learning and testing. But now it is clear to me about the elasticsearch OS users. Thank you for your time, I appreciate it.
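
Added example, not part of the thread above and not Elastic's code: a shell check of the three properties the replies describe, namely that the unit launches the service under a non-root account, that the account has a nologin shell, and that it has no sudoers rule. The unit excerpt, passwd lines, sudoers lines and the `opsuser` account are constructed sample inputs; on a real host you would feed in the output of `systemctl cat elasticsearch`, `getent passwd` and `sudo cat` of the sudoers files.

```shell
#!/usr/bin/env bash
# Constructed sample inputs (not copied from a real host).
SAMPLE_UNIT='[Service]
Type=notify
User=elasticsearch
Group=elasticsearch'

SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
elasticsearch:x:992:989:elasticsearch user:/usr/share/elasticsearch:/sbin/nologin
opsuser:x:1000:1000::/home/opsuser:/bin/bash'

# The human admin (hypothetical "opsuser") holds the sudo rule, not the service account.
SAMPLE_SUDOERS='root ALL=(ALL) ALL
opsuser ALL=(root) /usr/bin/systemctl start elasticsearch, /usr/bin/systemctl stop elasticsearch'

# Account the unit runs as; systemd defaults to root when User= is absent.
unit_user() {
  printf '%s\n' "$1" | awk -F= '$1 == "User" { u = $2 } END { print (u == "" ? "root" : u) }'
}

# Login shell (7th passwd field) of account $1 in passwd text $2.
login_shell() {
  printf '%s\n' "$2" | awk -F: -v u="$1" '$1 == u { print $7 }'
}

# True when sudoers text $2 has a rule whose first field is account $1.
has_sudo_rule() {
  printf '%s\n' "$2" | grep -Eq "^[[:space:]]*$1[[:space:]]"
}

# Args: unit text, passwd text, sudoers text. Returns 0 only if all checks pass.
audit_service_account() {
  local user shell rc=0
  user=$(unit_user "$1")
  shell=$(login_shell "$user" "$2")
  [ "$user" = "root" ] && { echo "FAIL: service runs as root"; rc=1; }
  case "$shell" in
    */nologin|*/false) ;;
    *) echo "FAIL: $user has login shell '${shell:-missing}'"; rc=1 ;;
  esac
  has_sudo_rule "$user" "$3" && { echo "FAIL: $user has a sudoers rule"; rc=1; }
  [ "$rc" -eq 0 ] && echo "OK: $user is non-root, nologin, and has no sudo rule"
  return "$rc"
}

audit_service_account "$SAMPLE_UNIT" "$SAMPLE_PASSWD" "$SAMPLE_SUDOERS"
```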