We are trying to expand our cluster size from 3 nodes to 5 nodes. After installing Elasticsearch via RPM on the new nodes we receive the following 'Permission denied' error when starting the service.
[root@host user]# sudo -i service elasticsearch start
Starting elasticsearch: /usr/share/elasticsearch/bin/elasticsearch-env: line 87: /etc/sysconfig/elasticsearch: Permission denied
[FAILED]
Line 87 in /usr/share/elasticsearch/bin/elasticsearch-env refers to:
87 source /etc/sysconfig/elasticsearch
The permissions on that file and directory look OK to my eyes:
[root@host user]# ls -la /etc/sysconfig
total 228
drwxr-xr-x. 8 root root 4096 Apr 25 14:03 .
[root@host user]# ls -la /etc/sysconfig/elasticsearch
-rw-rw---- 1 root elasticsearch 1676 Jan 28 03:39 /etc/sysconfig/elasticsearch
I have looked at the following threads and still do not understand what the issue is:
Our nodes are Chef-managed so they get provisioned with nearly the same configuration, so the discrepancy here is not clear to me.
[root@host ~]# ls -la /etc/elasticsearch/
total 196
drwxr-s--- 4 root elasticsearch 4096 Apr 25 15:37 .
This matches the other 3 nodes where Elasticsearch is running without issue. Elasticsearch runs under the elasticsearch user on those nodes, same as the new node.
However I think you may have uncovered the issue. When I su to elasticsearch I get the following error:
[root@host ~]# su elasticsearch
/usr/bin/id: cannot find name for group ID 1408
[elasticsearch@host ~]$ whoami
elasticsearch
[elasticsearch@host ~]$ groups
groups: cannot find name for group ID 1408
1408
I'm not sure why the Elasticsearch user is assigned to a group id that doesn't exist, but this explains why the user does not have permission to /etc/sysconfig/elasticsearch.
yes you have to give all require sudo access to user Elasticsearch.
or simply you can start your service as root user and have to not worry about sudo.
Furthermore, we do not grant any sudo access to the elasticsearch user on our other 3 nodes and it runs there successfully under elasticsearch, not root.
The issue here is entirely caused by the GID of the elasticsearch being incorrectly set. I will manually correct this, although I suspect that the RPM install process caused it.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.