our Keystore is protected with a password. In order to provide the password to the cluster and start it, we created the file /etc/elasticsearch/my_pwd_file.tmp under root:elasticsearch containing the password. Its permissions were set to 600, conforming to the instructions we follow. The cluster is being executed with systemctl by root.
However, the cluster could not start. It was complaining with: /etc/elasticsearch/my_pwd_file.tmp: permission denied. By changing the permissions of the file to 640, the cluster started successfully. What could be the issue?