Permissions for ES_KEYSTORE_PASSPHRASE_FILE

tepus · September 12, 2022, 6:16pm

Dear Community,

our Keystore is protected with a password. In order to provide the password to the cluster and start it, we created the file /etc/elasticsearch/my_pwd_file.tmp under root:elasticsearch containing the password. Its permissions were set to 600, conforming to the instructions we follow. The cluster is being executed with systemctl by root.

However, the cluster could not start. It was complaining with: /etc/elasticsearch/my_pwd_file.tmp: permission denied. By changing the permissions of the file to 640, the cluster started successfully. What could be the issue?

Greetings,
Milos Tepavcevic

Yang_Wang · September 15, 2022, 4:30am

I believe elasticsearch runs under elasticsearch:elasticsearch, while your file is root:elaticsearch. You might want to change the ownership of the file, e.g.

chown elasticsearch:elasticsearch /etc/elasticsearch/my_pwd_file.tmp

tepus · October 10, 2022, 7:06pm

It's indeed that simple - thanks!

system · November 7, 2022, 7:06pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Working with elasticsearch-keystore Elasticsearch elastic-stack-security	5	5750	June 26, 2020
Running elasticsearch as daemon from shell script with password-protected keystore file Elasticsearch elastic-stack-security	3	2365	February 1, 2021
Elasticsearch 7.7.1 RPM fresh install keystore permission issues Elasticsearch	2	521	July 8, 2020
Permission denied when starting Elasticsearch 7.17.0 installed via RPM Elasticsearch	12	3646	May 24, 2022
What's wrong with my permissions? Elasticsearch	4	5603	November 28, 2018

Permissions for ES_KEYSTORE_PASSPHRASE_FILE

Related topics