I can’t start the service when searchguard.enabled is set to true. It says something about being root… Is this the intended behavior?
Here are my settings:
```yaml
#############################################################################################
# SEARCH GUARD
#############################################################################################
searchguard.enabled: true
searchguard.key_path: /tmp/dldm/elasticsearchConfig/searchguard_node.key
searchguard.authentication.authentication_backend.impl: com.floragunn.searchguard.authentication.backend.simple.SettingsBasedAuthenticationBackend
searchguard.authentication.authentication_backend.cache.enable: true
searchguard.authentication.authorizer.impl: com.floragunn.searchguard.authorization.simple.SettingsBasedAuthorizator
searchguard.authentication.authorizer.cache.enable: true
searchguard.authentication.http_authenticator.impl: com.floragunn.searchguard.authentication.http.basic.HTTPBasicAuthenticator
searchguard.authentication.settingsdb.user.admin: password
searchguard.authentication.settingsdb.user.marketing: password
searchguard.authentication.authorization.settingsdb.roles.admin: ["admin"]
searchguard.authentication.authorization.settingsdb.roles.marketing: ["marketing"]
searchguard.flsfilter.names: ["marketing"]
searchguard.flsfilter.marketing.source_excludes: ["username","email"]
############################################################################################
```
When I start Elasticsearch, I get an error saying ‘You’re trying to run elasticsearch as root or Windows Administrator and thats forbidden.’:
```
root@c06aa3566663:/# sudo /usr/share/elasticsearch/elasticsearch-1.5.0/bin/elasticsearch -Des.config="/tmp/dldm/elasticsearchConfig/elasticsearch.yml"
[2015-06-05 07:29:07,246][WARN ][common.jna ] Unable to lock JVM memory (ENOMEM). This can result in part of the JVM being swapped out. Increase RLIMIT_MEMLOCK (ulimit).
[2015-06-05 07:29:07,335][INFO ][node ] [elastic_0] version[1.5.0], pid[335], build[5448160/2015-03-23T14:30:58Z]
[2015-06-05 07:29:07,335][INFO ][node ] [elastic_0] initializing ...
[2015-06-05 07:29:07,498][INFO ][com.floragunn.searchguard.SearchGuardPlugin] Class enhancements for DLS/FLS successful
[2015-06-05 07:29:07,501][INFO ][plugins ] [elastic_0] loaded [searchguard], sites [kopf]
[2015-06-05 07:29:09,748][DEBUG][com.floragunn.searchguard.service.SearchGuardService] Loaded key from /./searchguard_node_key.key
[2015-06-05 07:29:10,017][DEBUG][com.floragunn.searchguard.util.SecurityUtil] Usable SSL/TLS protocols: [TLSv1, TLSv1.1, TLSv1.2]
[2015-06-05 07:29:10,017][DEBUG][com.floragunn.searchguard.util.SecurityUtil] Usable SSL/TLS cipher suites: [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
[2015-06-05 07:29:10,023][DEBUG][com.floragunn.searchguard.service.SearchGuardService] Loaded key from /./searchguard_node_key.key
{1.5.0}: Initialization Failed ...
- ElasticsearchException[You're trying to run elasticsearch as root or Windows Administrator and thats forbidden.]
```
But if I disable searchguard, the node starts normally:
```
root@c06aa3566663:/# sudo /usr/share/elasticsearch/elasticsearch-1.5.0/bin/elasticsearch -Des.config="/tmp/dldm/elasticsearchConfig/elasticsearch.yml"
[2015-06-05 07:37:56,178][WARN ][common.jna ] Unable to lock JVM memory (ENOMEM). This can result in part of the JVM being swapped out. Increase RLIMIT_MEMLOCK (ulimit).
[2015-06-05 07:37:56,266][INFO ][node ] [elastic_0] version[1.5.0], pid[364], build[5448160/2015-03-23T14:30:58Z]
[2015-06-05 07:37:56,266][INFO ][node ] [elastic_0] initializing ...
[2015-06-05 07:37:56,457][INFO ][com.floragunn.searchguard.SearchGuardPlugin] Class enhancements for DLS/FLS successful
[2015-06-05 07:37:56,461][INFO ][plugins ] [elastic_0] loaded [searchguard (disabled)], sites [kopf]
[2015-06-05 07:37:58,807][INFO ][node ] [elastic_0] initialized
[2015-06-05 07:37:58,808][INFO ][node ] [elastic_0] starting ...
[2015-06-05 07:37:58,868][INFO ][transport ] [elastic_0] bound_address {inet[/0:0:0:0:0:0:0:0:9504]}, publish_address {inet[/192.168.1.100:9504]}
[2015-06-05 07:37:58,877][INFO ][discovery ] [elastic_0] data_manager/eez6GFaeSW-EN-pZhDhYaQ
[2015-06-05 07:38:01,898][INFO ][cluster.service ] [elastic_0] new_master [elastic_0][eez6GFaeSW-EN-pZhDhYaQ][c06aa3566663][inet[/192.168.1.100:9504]]{max_local_storage_nodes=1, master=true}, reason: zen-disco-join (elected_as_master)
[2015-06-05 07:38:01,915][INFO ][http ] [elastic_0] bound_address {inet[/0:0:0:0:0:0:0:0:9505]}, publish_address {inet[/192.168.1.100:9505]}
[2015-06-05 07:38:01,915][INFO ][node ] [elastic_0] started
[2015-06-05 07:38:01,928][INFO ][gateway ] [elastic_0] recovered [0] indices into cluster_state
^C[2015-06-05 07:38:21,775][INFO ][node ] [elastic_0] stopping ...
[2015-06-05 07:38:21,800][INFO ][node ] [elastic_0] stopped
[2015-06-05 07:38:21,801][INFO ][node ] [elastic_0] closing ...
[2015-06-05 07:38:21,811][INFO ][node ] [elastic_0] closed
```
I’m running elasticsearch inside a docker container.