What's the cause and the solution of this error

morad_della3 · September 23, 2022, 8:43pm

ubuntu 22.04 VM
elasticsearch,kibana,filebeat8.4.1 ,elastalert,suricata
i have this error in the log of elasticsearch when i try to start elasticsearch it failed to start

Failed to get the temporary directory; falling back to: /tmp
[2022-09-23T20:38:58,847][ERROR][o.e.b.Elasticsearch      ] [elastic] fatal exception while booting Elasticsearch
java.security.AccessControlException: access denied ("java.io.FilePermission" "/tmp" "read")

stephenb · September 23, 2022, 9:37pm

According to the error the user you are running elasticsearch as can not read (and probably write) to the /tmp directly.

Elasticsearch like mini programs need to be able to read and write from the /tmp directory.

You need to fix the permissions on that directory

morad_della3 · September 23, 2022, 9:39pm

You need to fix the permissions on that directory
How can I?

stephenb · September 23, 2022, 9:43pm

Google is your friend

$ sudo chmod 1777 /tmp

morad_della3 · September 23, 2022, 9:53pm

Oh yea i google it now and i find it thanks @stephenb for help

morad_della3 · October 13, 2022, 10:14am

@stephenb hello stephen the error The error was repeated today and when i try to do this cmd

it still the same not solved

Akhtar_Zaman · October 13, 2022, 10:38am

May be you need to check what user is being used for Elasticsearch. Try find the user from the Elasticsearch service unit file. and then run the command provided by stephenb from that user. you can simply do
sudo -u {USER} chmod 1777 /tmp

morad_della3 · October 13, 2022, 12:09pm

@Akhtar_Zaman thanks for the response
how to check the user used by elastic what cmd?
I think you mean the user that i used to access elastic from kibana is "elastic"
i try to do what you told but this is the result

elastic@elastic:~$ sudo -u elastic chmod 1777 /tmp
chmod: changing permissions of '/tmp': Operation not permitted

wangphun · October 17, 2022, 9:20am

Hi @morad_della3, did you fixed your problem? i face the same issue.

morad_della3 · October 17, 2022, 9:51am

No but i used a solution last month it worked with me but now when I used it it did not work see if it work for you
the solution is to decrease the the amount of the ram here , you will find 4g change it to 1g or 512m
to enter to this file of configyou can use : sudo nano /etc/elasticsearch/jvm.options
then save the config and restart elasticsearch

system · November 14, 2022, 9:51am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Failed to get the temporary directory; falling back to: /tmp [2022-09-23T20:38:58,847][ERROR][o.e.b.Elasticsearch ] [elastic] fatal exception while booting Elasticsearch java.security.AccessControlException: access denied ("java.io.FilePermission" "/ Elasticsearch	1	25	August 16, 2024
What's the solution of this error please? Elasticsearch	13	1833	November 27, 2022
Elasticsearch is not starting owing to wrong file permission Elasticsearch	4	14068	March 7, 2018
Can't start elasticsearch service after enabling TLS for Detections/Alerts - Permission Denied Elasticsearch elastic-stack-security , elastic-stack-alerting	3	619	February 16, 2021
Permission denied (os:windows) Elasticsearch	15	1003	June 16, 2022

What's the cause and the solution of this error

Related topics