CentOS Linux release 7.7.1908 (Core)
I have the lastest version of the kibana installed from the elasticsearch repo by yum:
When I try to install a plugin:
/usr/share/kibana/bin/kibana-plugin install $url
Kibana should not be run as root. Use --allow-root to continue.
Ok, trying the more secure way:
su -c '/usr/share/kibana/bin/kibana-plugin install $url' kibana
This account is currently not available.
I know the web application with root owner on files is the gift for hackers and pentesters.
So what is the right (recommended) way to install kibana plugins if the kibana user cant be used?
It sounds like you don't have a "kibana" user. The recommendation here is to use any user other than root. Do you have any non-root users on the machine? If not, I would recommend creating one and install/run Kibana using that.
As i wrote I've kibana from standart elasticsearch repo:
repoquery -i kibana
Name : kibana
Version : 7.6.0
Release : 1
Size : 709167330
Packager : Kibana Team firstname.lastname@example.org
Group : default
URL : https://www.elastic.co
Repository : elasticsearch-7.x
Summary : Explore and visualize your Elasticsearch data
Source : kibana-7.6.0-1.src.rpm
Explore and visualize your Elasticsearch data
name=Elasticsearch repository for 7.x packages
And kibana package created kibana user
uid=997(kibana) gid=995(kibana) groups=995(kibana)
So user is present in the system.
Installation with non root user shows expected errors (obviously general user cant write files to the kibana folders):
someuser$ /usr/share/kibana/bin/kibana-plugin install $url
Babel could not write cache to file: /usr/share/kibana/optimize/.babel_register_cache.json
due to a permission issue. Cache is disabled.
Plugin installation was unsuccessful due to error "ENOENT: no such file or directory, mkdir '/usr/share/kibana/plugins/.plugin.installing'"
The right answer:
su -s /bin/bash -c '/usr/share/kibana/bin/kibana-plugin install $url kibana
I thinks the hint "use for example su -s /bin/bash" can be added to the kibana-plugin script error message because the issue occurs after the package installation with default permissions.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.