Permissions for ES_KEYSTORE_PASSPHRASE_FILE

Dear Community,

our Keystore is protected with a password. In order to provide the password to the cluster and start it, we created the file /etc/elasticsearch/my_pwd_file.tmp under root:elasticsearch containing the password. Its permissions were set to 600, conforming to the instructions we follow. The cluster is being executed with systemctl by root.

However, the cluster could not start. It was complaining with: /etc/elasticsearch/my_pwd_file.tmp: permission denied. By changing the permissions of the file to 640, the cluster started successfully. What could be the issue?

Greetings,
Milos Tepavcevic

I believe elasticsearch runs under elasticsearch:elasticsearch, while your file is root:elaticsearch. You might want to change the ownership of the file, e.g.

chown elasticsearch:elasticsearch /etc/elasticsearch/my_pwd_file.tmp