mjanzen
(Mark)
January 29, 2025, 11:17pm
1
New to Elasticsearch.
Working on setting up a proof of concept.
I'm using the tutorial here
Tutorial 1: Installing a self-managed Elastic Stack | Elastic Installation and Upgrade Guide [8.17] | Elastic
Anytime I try to use any of the scripts located at /usr/share/elasticsearch/bin/
I get an error.
I'm trying to use this command to generate a token
sudo /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node
The error I get is
/usr/share/elasticsearch/jdk/bin/java:error while loading shared library: libjli.so: cannot open shared object file: no such file or directory
Also happens when I run the script to change the built in user.
My understanding is that elasticsearch is bundled with Java, so I shouldn't have to do anything with java.
Hi @mjanzen ,
Welcome! This could either be down to a bad Java install (if you are not using the bundled Java) or a file permissions issue. Are you definitely using the bundled install over a local install?
Can you check out the remediation steps for the below issues and see if the recommendations solve your issue?
opened 12:24AM - 25 Feb 22 UTC
>bug
:Delivery/Packaging
:Security/Security
Team:Security
Team:Delivery
### Elasticsearch Version
8.0
### Installed Plugins
_No response_
### Java V… ersion
_bundled_
### OS Version
Linux 4.18.0-348.12.2.el8_5.x86_64 #1 SMP Mon Jan 17 07:06:06 EST 2022 x86_64 x86_64 x86_64 GNU/Linux
### Problem Description
I am deploying a new ES cluster running 8.0 using RHEL 8.5. Fairly vanilla deployment and Elasticsearch is running on the first node with auto-security used, no JVM installed (using built-in). SELINUX is permissive.
Elastic is launching using systemd and I am able to query the cluster information:
```
{
"name" : "es-mstr-01.corp.nklab.com.au",
"cluster_name" : "nkl-prd-es-clr-01",
"cluster_uuid" : "zpb0mWSGSVSVvByeZ-fl4w",
"version" : {
"number" : "8.0.0",
"build_flavor" : "default",
"build_type" : "rpm",
"build_hash" : "1b6a7ece17463df5ff54a3e1302d825889aa1161",
"build_date" : "2022-02-03T16:47:57.507843096Z",
"build_snapshot" : false,
"lucene_version" : "9.0.0",
"minimum_wire_compatibility_version" : "7.17.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "You Know, for Search"
}
```
When I attempt to run any of the scripts in the bin folder to generate tokens for adding the additional nodes I receive the following:
```
[template@es-mstr-01 ~]$ cd /usr/share/elasticsearch/bin
[template@es-mstr-01 bin]$ sudo ./elasticsearch-create-enrollment-token -s node
/usr/share/elasticsearch/jdk/bin/java: error while loading shared libraries: libjli.so: cannot open shared object file: No such file or directory
[template@es-mstr-01 bin]$ ./elasticsearch-create-enrollment-token -s node
./elasticsearch-env: line 83: /usr/share/elasticsearch/jdk/bin/java: Operation not permitted
```
Additionally, the following output can be seen when attempting to locate libjli.so:
```
[template@es-mstr-01 bin]$ locate libjli.so
/usr/share/elasticsearch/jdk/lib/libjli.so
[template@es-mstr-01 bin]$ sudo ldd /usr/share/elasticsearch/jdk/bin/java
linux-vdso.so.1 (0x00007ffeb3bf4000)
libz.so.1 => /lib64/libz.so.1 (0x00007f1f7e6bf000)
libjli.so => /usr/share/elasticsearch/jdk/bin/../lib/libjli.so (0x00007f1f7e4ae000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f1f7e28e000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f1f7e08a000)
libc.so.6 => /lib64/libc.so.6 (0x00007f1f7dcc5000)
/lib64/ld-linux-x86-64.so.2 (0x00007f1f7ead9000)
[template@es-mstr-01 bin]$
```
Any ideas would be greatly appreciated. I have also attempted to add the path using ldconfig but this made no difference.
First lodged in community forums [here](https://discuss.elastic.co/t/es-8-0-rpm-install-libjli-so-cannot-be-located-launching-scripts-binaries-from-the-bin-directory-rhel-8/298105)
### Steps to Reproduce
```
[template@es-mstr-01 ~]$ cd /usr/share/elasticsearch/bin
[template@es-mstr-01 bin]$ sudo ./elasticsearch-create-enrollment-token -s node
/usr/share/elasticsearch/jdk/bin/java: error while loading shared libraries: libjli.so: cannot open shared object file: No such file or directory
[template@es-mstr-01 bin]$ ./elasticsearch-create-enrollment-token -s node
./elasticsearch-env: line 83: /usr/share/elasticsearch/jdk/bin/java: Operation not permitted
```
### Logs (if relevant)
_No response_
That does not sound like a good way to install elasticsearch for something else than development.
May be do it again and try the 6.2.4 (which I don't believe will change anything).
When I try to start an instance of Elasticsearch 7, I get this error. Some backstory, I am running on port 443 instead of 9200. Previous versions worked fine after running sudo setcap 'CAP_NET_BIND_SERVICE=+eip' /usr/lib/jvm/default-java/bin/java. But it looks like elasticsearch 7 (when installed through apt-get) is running an internal version of java located /usr/share/elasticsearch/jdk/bin/java. Therefore running sudo setcap 'CAP_NET_BIND_SERVICE=+eip' /usr/share/elasticsearch/jdk/bin/java …
Let us know how you get on!
mjanzen
(Mark)
February 4, 2025, 8:57pm
3
This was a result of the DISA Stig installation.
I re-deployed with the standard RHEL Image and the issue was resolved.