Unable to create temporary keystore at [/etc/elasticsearch/elasticsearch.keystore.tmp]

Brand new installation of ElasticSearch with the elasticsearch-6.3.0-1.noarch RPM. The following message shows up in the logs. On further inspection I decided to try to manually initialize the keystore using:

sudo -u elasticsearch -s /usr/share/elasticsearch/bin/elasticsearch-keystore create

which resulted in the same error. Checking the permissions again, I saw that the /etc/elasticsearch directory was indeed not writable:

total 40
-rw-rw----.  1 root          elasticsearch    0 Jun 11 19:44 users_roles
-rw-rw----.  1 root          elasticsearch    0 Jun 11 19:44 users
-rw-rw----.  1 root          elasticsearch  197 Jun 11 19:44 roles.yml
-rw-rw----.  1 root          elasticsearch  473 Jun 11 19:44 role_mapping.yml
-rw-rw----.  1 root          elasticsearch 6380 Jun 11 19:44 log4j2.properties
-rw-rw----.  1 root          elasticsearch 2920 Jun 11 19:44 jvm.options
-rw-r--r--.  1 root          elasticsearch    0 Jun 18 22:46 .elasticsearch.keystore.initial_md5sum
drwxr-xr-x. 82 root          root          8192 Jun 19 00:32 ..
-rw-rw----.  1 root          elasticsearch 2868 Jun 19 00:34 elasticsearch.yml
-rw-rw----.  1 elasticsearch elasticsearch  207 Jun 19 00:48 elasticsearch.keystore
drwxr-s---.  2 root          elasticsearch  224 Jun 19 00:48 .

So I changed that, then restarted the server:

chmod g+w /etc/elasticsearch

and viola. You may want to change back the permissions after the keystore is created for security purposes, but there is clearly an issue right out the gates that the installation steps do not walk you through.

@ElasticCo Would be good to update the manuals to note having to run the keystore creation as root or doing as I did above here: https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html

5 Likes

This is where i was stuck for a long time. Thanks!

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.