/usr/share/elasticsearch/bin/elasticsearch
OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
[2019-09-13T13:51:21,752][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [node-1] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.RuntimeException: can not run elasticsearch as root
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:163) ~[elasticsearch-7.3.2.jar:7.3.2]
at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:150) ~[elasticsearch-7.3.2.jar:7.3.2]
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) ~[elasticsearch-7.3.2.jar:7.3.2]
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) ~[elasticsearch-cli-7.3.2.jar:7.3.2]
at org.elasticsearch.cli.Command.main(Command.java:90) ~[elasticsearch-cli-7.3.2.jar:7.3.2]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:115) ~[elasticsearch-7.3.2.jar:7.3.2]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:92) ~[elasticsearch-7.3.2.jar:7.3.2]
Caused by: java.lang.RuntimeException: can not run elasticsearch as root
at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:105) ~[elasticsearch-7.3.2.jar:7.3.2]
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:172) ~[elasticsearch-7.3.2.jar:7.3.2]
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:349) ~[elasticsearch-7.3.2.jar:7.3.2]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-7.3.2.jar:7.3.2]
So I have tried without being root. What I faced is permission denied, therefore I need to do sudo /usr/share/elasticsearch/bin/elasticsearch / sudo systemctl start elasticsearch. What gets me again, an issue.
Since I haven't touched any other config, I am clueless as of why I would face that problem. I have launched ES as root before, however the TLS / SSL wasn't added to config file.
Can you get us the result of your ls -la /usr/share/elasticsearch/bin/
I think this can be the elasticsearch service doesn't have the permission to read the certificate.
Try to chown -R elasticsearch:root /usr/share/elasticsearch/*
I apologize for not being more specific the chown -R elasticsearch:root /usr/share/elasticsearch/* is not a good practice i think, a best practice is to chown the certificate only so you don't change the predefined parameters.
You should also put your certificates in /etc/elasticsearch/ so the elasticsearch service can access it.
did you define a password when you create your certificate ?
can we have all yourelasticsearch.yml, the result of your sudo /usr/share/elasticsearch/bin/elasticsearch-keystore list and all the elasticsearch log 'starting when you restart your service'
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: at org.apache.logging.log4j.core.config.AbstractConfiguration.createPluginObject(AbstractConfiguration.java:959)
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:310)
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159)
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:150)
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86)
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: at org.elasticsearch.cli.Command.main(Command.java:90)
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,307 main ERROR Could not create plugin of type class org.apache.logging.log4j.core.appender.RollingFileAppender for element RollingF
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,313 main ERROR Null object returned for RollingFile in Appenders.
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,313 main ERROR Null object returned for RollingFile in Appenders.
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,314 main ERROR Null object returned for RollingFile in Appenders.
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,314 main ERROR Null object returned for RollingFile in Appenders.
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,314 main ERROR Null object returned for RollingFile in Appenders.
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,315 main ERROR Null object returned for RollingFile in Appenders.
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,315 main ERROR Null object returned for RollingFile in Appenders.
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,315 main ERROR Null object returned for RollingFile in Appenders.
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,316 main ERROR Null object returned for RollingFile in Appenders.
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,316 main ERROR Unable to locate appender "rolling" for logger config "root"
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,316 main ERROR Unable to locate appender "rolling_old" for logger config "root"
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,317 main ERROR Unable to locate appender "index_indexing_slowlog_rolling_old" for logger config "index.indexing.slowlog.index"
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,321 main ERROR Unable to locate appender "index_indexing_slowlog_rolling" for logger config "index.indexing.slowlog.index"
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,321 main ERROR Unable to locate appender "audit_rolling" for logger config "org.elasticsearch.xpack.security.audit.logfile.LoggingAu
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,321 main ERROR Unable to locate appender "index_search_slowlog_rolling_old" for logger config "index.search.slowlog"
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,323 main ERROR Unable to locate appender "index_search_slowlog_rolling" for logger config "index.search.slowlog"
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,324 main ERROR Unable to locate appender "deprecation_rolling_old" for logger config "org.elasticsearch.deprecation"
Sep 16 10:10:58 localhost.localdomain elasticsearch[7092]: 2019-09-16 10:10:58,324 main ERROR Unable to locate appender "deprecation_rolling" for logger config "org.elasticsearch.deprecation"
Sep 16 10:11:02 localhost.localdomain systemd[1]: elasticsearch.service: main process exited, code=exited, status=1/FAILURE
Sep 16 10:11:02 localhost.localdomain systemd[1]: Unit elasticsearch.service entered failed state.
Sep 16 10:11:02 localhost.localdomain systemd[1]: elasticsearch.service failed.
I would imagine that this permission denied was due to the fact that you copied the elastic-certificates.p12 files in the configuration folder but those were owned by root and so elasticsearch could not read them. The solution for this would be to make the keystore files readable by elasticsearch, not to run elasticsearch as root.
I think your current state is because of permission changes that you have tried , could that be the case ?
Is that a new installation , or the previous ones we were dealing with ? i.e. have you performed any ownership changes for files and directories or not ?
Which user did you run this commands as ? Root ? This will affect who owns the produced keystore files and whether elasticsearch can read them.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.