Error starting Elasticsearch '/var/log/elasticsearch/gc.log': Permission denied

Hello to everyone in the Elastic community.

I am having a problem with Elasticsearch after last upgrade to 7.5.2 and installing a plugin. It stopped working and I cannot fix the issue. it seems a problems with permissions with the gc.log file, but I changed them and still no working. So I am thinking the problem is with Java in some way that I cannot understand.

Steps:

sudo apt install elasticsearch
sudo /bin/systemctl daemon-reload
sudo /bin/systemctl enable elasticsearch.service
sudo systemctl start elasticsearch.service
This start service resturns:
Job for elasticsearch.service failed because the control process exited with error code. See "systemctl status elasticsearch.service" and "journalctl -xe" for details.

The journalctl log returns:

Feb 09 17:09:01 server audit[2195]: USER_CMD pid=2195 uid=1000 auid=1000 ses=1 subj==unconfined msg='cwd="/home/ecofintech" cmd=73797374656D63746C20737461727420656C61737469637365617263682E73657276696365 terminal=pts/0 res=success'
Feb 09 17:09:01 server audit[2195]: CRED_REFR pid=2195 uid=0 auid=1000 ses=1 subj==unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success'
Feb 09 17:09:01 server sudo[2195]:  ecofintech : TTY=pts/0 ; PWD=/home/ecofintech ; USER=root ; COMMAND=/bin/systemctl start elasticsearch.service
Feb 09 17:09:01 server audit[2195]: USER_START pid=2195 uid=0 auid=1000 ses=1 subj==unconfined msg='op=PAM:session_open grantors=pam_permit,pam_unix,pam_tmpdir acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success'
Feb 09 17:09:01 server sudo[2195]: pam_unix(sudo:session): session opened for user root by ecofintech(uid=0)
Feb 09 17:09:01 server systemd[1]: Starting Elasticsearch...
-- Subject: A start job for unit elasticsearch.service has begun execution
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- A start job for unit elasticsearch.service has begun execution.
-- 
-- The job identifier is 480.
Feb 09 17:09:02 server elasticsearch[2199]: Exception in thread "main" java.lang.RuntimeException: starting java failed with [1]
Feb 09 17:09:02 server elasticsearch[2199]: output:
Feb 09 17:09:02 server elasticsearch[2199]: [0.000s][error][logging] Error opening log file '/var/log/elasticsearch/gc.log': Permission denied
Feb 09 17:09:02 server elasticsearch[2199]: [0.000s][error][logging] Initialization of output 'file=/var/log/elasticsearch/gc.log' using options 'filecount=32,filesize=64m' failed.
Feb 09 17:09:02 server elasticsearch[2199]: error:
Feb 09 17:09:02 server elasticsearch[2199]: OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
Feb 09 17:09:02 server elasticsearch[2199]: Invalid -Xlog option '-Xlog:gc*,gc+age=trace,safepoint:file=/var/log/elasticsearch/gc.log:utctime,pid,tags:filecount=32,filesize=64m', see error log for details.
Feb 09 17:09:02 server elasticsearch[2199]: Error: Could not create the Java Virtual Machine.
Feb 09 17:09:02 server elasticsearch[2199]: Error: A fatal exception has occurred. Program will exit.
Feb 09 17:09:02 server elasticsearch[2199]:         at org.elasticsearch.tools.launchers.JvmErgonomics.flagsFinal(JvmErgonomics.java:118)
Feb 09 17:09:02 server elasticsearch[2199]:         at org.elasticsearch.tools.launchers.JvmErgonomics.finalJvmOptions(JvmErgonomics.java:86)
Feb 09 17:09:02 server elasticsearch[2199]:         at org.elasticsearch.tools.launchers.JvmErgonomics.choose(JvmErgonomics.java:59)
Feb 09 17:09:02 server elasticsearch[2199]:         at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:92)
Feb 09 17:09:02 server systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
-- Subject: Unit process exited
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- An ExecStart= process belonging to unit elasticsearch.service has exited.
-- 
-- The process' exit code is 'exited' and its exit status is 1.
Feb 09 17:09:02 server systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- The unit elasticsearch.service has entered the 'failed' state with result 'exit-code'.
Feb 09 17:09:02 server systemd[1]: Failed to start Elasticsearch.
-- Subject: A start job for unit elasticsearch.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- A start job for unit elasticsearch.service has finished with a failure.

And sudo systemctl -l status elasticsearch.servicereturns:


● elasticsearch.service - Elasticsearch
   Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: enabled)
  Drop-In: /etc/systemd/system/elasticsearch.service.d
           └─override.conf
   Active: failed (Result: exit-code) since Sun 2020-02-09 17:09:02 CET; 2min 48s ago
     Docs: http://www.elastic.co
  Process: 2199 ExecStart=/usr/share/elasticsearch/bin/elasticsearch -p ${PID_DIR}/elasticsearch.pid --quiet (code=exited, status=1/FAILURE)
 Main PID: 2199 (code=exited, status=1/FAILURE)

Feb 09 17:09:02 server elasticsearch[2199]: Invalid -Xlog option '-Xlog:gc*,gc+age=trace,safepoint:file=/var/log/elasticsearch/gc.log:utctime,pid,tags:filecount=32,filesize=64m', see error log for details.
Feb 09 17:09:02 server elasticsearch[2199]: Error: Could not create the Java Virtual Machine.
Feb 09 17:09:02 server elasticsearch[2199]: Error: A fatal exception has occurred. Program will exit.
Feb 09 17:09:02 server elasticsearch[2199]:         at org.elasticsearch.tools.launchers.JvmErgonomics.flagsFinal(JvmErgonomics.java:118)
Feb 09 17:09:02 server elasticsearch[2199]:         at org.elasticsearch.tools.launchers.JvmErgonomics.finalJvmOptions(JvmErgonomics.java:86)
Feb 09 17:09:02 server elasticsearch[2199]:         at org.elasticsearch.tools.launchers.JvmErgonomics.choose(JvmErgonomics.java:59)
Feb 09 17:09:02 server elasticsearch[2199]:         at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:92)
Feb 09 17:09:02 server systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
Feb 09 17:09:02 server systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
Feb 09 17:09:02 server systemd[1]: Failed to start Elasticsearch.

Thanks

Can you explain your user/group access? i believe that elasticsearch runs a process with the same name. So since it is a permissions issue, i would think that the running user doesnt have access to that file?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.