Unconfined services with Elasticsearch

I'm attempting to use Elasticsearch on Centos but have some concerns over the unconfined java and controller services that Elasticsearch uses. With the system's initial blocking of unconfined services due to security concerns, Elasticsearch will not be able to work as java and controller will not be able to start up.

Does Elasticsearch requires that the java and controller be run on unconfined services or are there ways to run the services in a confined type and still allowing Elasticsearch to work?

Welcome to our community! :smiley:

Can you clarify what you mean by "unconfined services"?

I meant that they run as unconfined processes. For example when running ps -eZ | grep unconfined_service_t it will flag out the 2 processes, java and controller that is used by elasticsearch.

Are you referring to something in SELinux here? That's the only reference I can see to what you are asking, which is why I was looking for clarification :slight_smile:

1 Like

Yes, sorry. I forgot to mention that. I'm running Centos with SELinux enabled.

1 Like

Since unconfined services in SELinux is supposed to be able to do nearly anything, is there a security concern regarding having elasticsearch run java and controller as unconfined services?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.