How to install search guard 6.1.3 plugin for ES 6.1.3 ?

add-apt-repository ppa:webupd8team/java

apt-get update

apt-get install oracle-java8-installer -y

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.1.3.deb

chmod +x elasticsearch-6.1.3.deb

dpkg -i /home/ubuntu/elasticsearch-6.1.3.deb

Changed elasticsearch.yml as follows

network.host: 0.0.0.0

http.port: 9200

update-rc.d elasticsearch defaults 95 10

service elasticsearch restart

I accessed ES as https://: and I got below output

{

“name” : “acvff”,

“cluster_name” : “elasticsearch”,

“cluster_uuid” : “-Hqx5vMgSbaZdM4-hjzMEQ”,

“version” : {

“number” : “6.1.3”,

“build_hash” : “601be4a”,

“build_date” : “2017-11-04T09:22:03.333Z”,

“build_snapshot” : false,

“lucene_version” : “7.0.1”,

“minimum_wire_compatibility_version” : “5.6.0”,

“minimum_index_compatibility_version” : “5.0.0”

},

“tagline” : “You Know, for Search”

}

root@ip-10-0-0-248:/usr/share/elasticsearch# bin/elasticsearch-plugin install -b com.floragunn:search-guard-6:6.1.3-21.0

-> Downloading com.floragunn:search-guard-6:6.1.3-21.0 from maven central

[=================================================] 100%

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

@ WARNING: plugin requires additional permissions @

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

  • java.io.FilePermission /proc/sys/net/core/somaxconn read

  • java.lang.RuntimePermission accessClassInPackage.sun.misc

  • java.lang.RuntimePermission accessClassInPackage.sun.nio.ch

  • java.lang.RuntimePermission accessClassInPackage.sun.security.x509

  • java.lang.RuntimePermission accessDeclaredMembers

  • java.lang.RuntimePermission accessUserInformation

  • java.lang.RuntimePermission getClassLoader

  • java.lang.RuntimePermission loadLibrary.*

  • java.lang.RuntimePermission setContextClassLoader

  • java.lang.RuntimePermission shutdownHooks

  • java.lang.reflect.ReflectPermission suppressAccessChecks

  • java.net.NetPermission getNetworkInformation

  • java.net.SocketPermission * connect,accept,resolve

  • java.security.SecurityPermission getProperty.ssl.KeyManagerFactory.algorithm

  • java.security.SecurityPermission insertProvider.BC

  • java.security.SecurityPermission putProviderProperty.BC

  • java.security.SecurityPermission setProperty.ocsp.enable

  • java.util.PropertyPermission com.sun.security.enableCRLDP write

  • java.util.PropertyPermission es.set.netty.runtime.available.processors write

  • java.util.PropertyPermission java.security.debug write

  • java.util.PropertyPermission java.security.krb5.conf write

  • java.util.PropertyPermission javax.security.auth.useSubjectCredsOnly write

  • java.util.PropertyPermission jdk.tls.rejectClientInitiatedRenegotiation write

  • java.util.PropertyPermission sun.nio.ch.bugLevel write

  • java.util.PropertyPermission sun.security.krb5.debug write

  • java.util.PropertyPermission sun.security.spnego.debug write

  • javax.security.auth.AuthPermission doAs

  • javax.security.auth.AuthPermission modifyPrivateCredentials

  • javax.security.auth.kerberos.ServicePermission * accept

See http://docs.oracle.com/javase/8/docs/technotes/guides/security/permissions.html

for descriptions of what these permissions allow and the associated risks.

-> Installed search-guard-6

root@ip-10-0-0-248:/usr/share/elasticsearch# cd plugins/search-guard-6/tools/

root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# ls

hash.bat hash.sh install_demo_configuration.sh sgadmin.bat sgadmin.sh

root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# ./install_demo_configuration.sh

bash: ./install_demo_configuration.sh: Permission denied

root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# chmod +x install_demo_configuration.sh

root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# ls

hash.bat hash.sh install_demo_configuration.sh sgadmin.bat sgadmin.sh

root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# ./install_demo_configuration.sh

Search Guard 6 Demo Installer

** Warning: Do not use on production or public reachable systems **

Install demo certificates? [y/N] y

Initialize Search Guard? [y/N] y

Cluster mode requires maybe additional setup of:

  • Virtual memory (vm.max_map_count)

See https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html

Enable cluster mode? [y/N] y

Basedir: /usr/share/elasticsearch

This script maybe require your root password for ‘sudo’ privileges

Elasticsearch install type: rpm/deb on DISTRIB_ID=Ubuntu

Elasticsearch config dir: /etc/elasticsearch

Elasticsearch config file: /etc/elasticsearch/elasticsearch.yml

Elasticsearch bin dir: /usr/share/elasticsearch/bin

Elasticsearch plugins dir: /usr/share/elasticsearch/plugins

Elasticsearch lib dir: /usr/share/elasticsearch/lib

Detected Elasticsearch Version: cli-6.1.3

Detected Search Guard Version: 6.1.3-21.0

Success

Execute this script now on all your nodes and then start all nodes

Search Guard will be automatically initialized.

If you like to change the runtime configuration

change the files in …/sgconfig and execute:

sudo /usr/share/elasticsearch/plugins/search-guard-6/tools/sgadmin.sh -cd /usr/share/elasticsearch/plugins/search-guard-6/sgconfig -icl -key /etc/elasticsearch/kirk-key.pem -cert /etc/elasticsearch/kirk.pem -cacert /etc/elasticsearch/root-ca.pem -nhnv

or run ./sgadmin_demo.sh

To use the Search Guard Configuration GUI see http://docs.search-guard.com/v6/configuration-gui

To access your Search Guard secured cluster open https://: and log in with admin/admin.

(Ignore the SSL certificate warning because we installed self-signed demo certificates)

root@ip-10-0-0-110:/usr/share/elasticsearch/plugins/search-guard-6/sgconfig# service elasticsearch restart

  • Stopping Elasticsearch Server [ OK ]

  • Starting Elasticsearch Server [ OK ]

root@ip-10-0-0-110:/usr/share/elasticsearch/plugins/search-guard-6/sgconfig# cd

root@ip-10-0-0-110:~# sudo /usr/share/elasticsearch/plugins/search-guard-6/tools/sgadmin.sh -cd /usr/share/elasticsearch/plugins/search-guard-6/sgconfig -icl -key /etc/elasticsearch/kirk-key.pem -cert /etc/elasticsearch/kirk.pem -cacert /etc/elasticsearch/root-ca.pem -nhnv

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

Elasticsearch Version: 6.1.3

Search Guard Version: 6.1.3-21.0

Connected as CN=kirk,OU=client,O=client,L=Test,C=DE

Contacting elasticsearch cluster ‘elasticsearch’ and wait for YELLOW clusterstate …

Clustername: searchguard_demo

Clusterstate: YELLOW

Number of nodes: 1

Number of data nodes: 1

searchguard index already exists, so we do not need to create one.

INFO: searchguard index state is YELLOW, it seems you miss some replicas

Populate config from /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/

Will update ‘sg/config’ with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_config.yml

FAIL: Configuration for ‘config’ failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]

Will update ‘sg/roles’ with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_roles.yml

FAIL: Configuration for ‘roles’ failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]

Will update ‘sg/rolesmapping’ with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_roles_mapping.yml

FAIL: Configuration for ‘rolesmapping’ failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]

Will update ‘sg/internalusers’ with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_internal_users.yml

FAIL: Configuration for ‘internalusers’ failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]

Will update ‘sg/actiongroups’ with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_action_groups.yml

FAIL: Configuration for ‘actiongroups’ failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]

FAIL: Expected 1 nodes to return response, but got only 0

Done with failures

I got error as below

Search Guard not initialized (SG11). See http://docs.search-guard.com/v6/sgadmin

can you please file a github issue for that

···

Am 22.02.2018 um 08:58 schrieb 'Raju Manikala' via Search Guard Community Forum <search-guard@googlegroups.com>:

add-apt-repository ppa:webupd8team/java
apt-get update
apt-get install oracle-java8-installer -y

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.1.3.deb
chmod +x elasticsearch-6.1.3.deb
dpkg -i /home/ubuntu/elasticsearch-6.1.3.deb

Changed elasticsearch.yml as follows
network.host: 0.0.0.0
http.port: 9200

update-rc.d elasticsearch defaults 95 10

service elasticsearch restart

I accessed ES as https://<hostname>:<HTTP port> and I got below output
  {
  "name" : "acvff",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "-Hqx5vMgSbaZdM4-hjzMEQ",
  "version" : {
    "number" : "6.1.3",
    "build_hash" : "601be4a",
    "build_date" : "2017-11-04T09:22:03.333Z",
    "build_snapshot" : false,
    "lucene_version" : "7.0.1",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
   }

root@ip-10-0-0-248:/usr/share/elasticsearch# bin/elasticsearch-plugin install -b com.floragunn:search-guard-6:6.1.3-21.0
-> Downloading com.floragunn:search-guard-6:6.1.3-21.0 from maven central
[=================================================] 100%
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: plugin requires additional permissions @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
* java.io.FilePermission /proc/sys/net/core/somaxconn read
* java.lang.RuntimePermission accessClassInPackage.sun.misc
* java.lang.RuntimePermission accessClassInPackage.sun.nio.ch
* java.lang.RuntimePermission accessClassInPackage.sun.security.x509
* java.lang.RuntimePermission accessDeclaredMembers
* java.lang.RuntimePermission accessUserInformation
* java.lang.RuntimePermission getClassLoader
* java.lang.RuntimePermission loadLibrary.*
* java.lang.RuntimePermission setContextClassLoader
* java.lang.RuntimePermission shutdownHooks
* java.lang.reflect.ReflectPermission suppressAccessChecks
* java.net.NetPermission getNetworkInformation
* java.net.SocketPermission * connect,accept,resolve
* java.security.SecurityPermission getProperty.ssl.KeyManagerFactory.algorithm
* java.security.SecurityPermission insertProvider.BC
* java.security.SecurityPermission putProviderProperty.BC
* java.security.SecurityPermission setProperty.ocsp.enable
* java.util.PropertyPermission com.sun.security.enableCRLDP write
* java.util.PropertyPermission es.set.netty.runtime.available.processors write
* java.util.PropertyPermission java.security.debug write
* java.util.PropertyPermission java.security.krb5.conf write
* java.util.PropertyPermission javax.security.auth.useSubjectCredsOnly write
* java.util.PropertyPermission jdk.tls.rejectClientInitiatedRenegotiation write
* java.util.PropertyPermission sun.nio.ch.bugLevel write
* java.util.PropertyPermission sun.security.krb5.debug write
* java.util.PropertyPermission sun.security.spnego.debug write
* javax.security.auth.AuthPermission doAs
* javax.security.auth.AuthPermission modifyPrivateCredentials
* javax.security.auth.kerberos.ServicePermission * accept
See http://docs.oracle.com/javase/8/docs/technotes/guides/security/permissions.html
for descriptions of what these permissions allow and the associated risks.
-> Installed search-guard-6
root@ip-10-0-0-248:/usr/share/elasticsearch# cd plugins/search-guard-6/tools/
root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# ls
hash.bat hash.sh install_demo_configuration.sh sgadmin.bat sgadmin.sh
root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# ./install_demo_configuration.sh
bash: ./install_demo_configuration.sh: Permission denied
root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# chmod +x install_demo_configuration.sh
root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# ls
hash.bat hash.sh install_demo_configuration.sh sgadmin.bat sgadmin.sh
root@ip-10-0-0-248:/usr/share/elasticsearch/plugins/search-guard-6/tools# ./install_demo_configuration.sh
Search Guard 6 Demo Installer
** Warning: Do not use on production or public reachable systems **
Install demo certificates? [y/N] y
Initialize Search Guard? [y/N] y
Cluster mode requires maybe additional setup of:
  - Virtual memory (vm.max_map_count)
    See https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html

Enable cluster mode? [y/N] y
Basedir: /usr/share/elasticsearch
This script maybe require your root password for 'sudo' privileges
Elasticsearch install type: rpm/deb on DISTRIB_ID=Ubuntu
Elasticsearch config dir: /etc/elasticsearch
Elasticsearch config file: /etc/elasticsearch/elasticsearch.yml
Elasticsearch bin dir: /usr/share/elasticsearch/bin
Elasticsearch plugins dir: /usr/share/elasticsearch/plugins
Elasticsearch lib dir: /usr/share/elasticsearch/lib
Detected Elasticsearch Version: cli-6.1.3
Detected Search Guard Version: 6.1.3-21.0

### Success
### Execute this script now on all your nodes and then start all nodes
### Search Guard will be automatically initialized.
### If you like to change the runtime configuration
### change the files in ../sgconfig and execute:
sudo /usr/share/elasticsearch/plugins/search-guard-6/tools/sgadmin.sh -cd /usr/share/elasticsearch/plugins/search-guard-6/sgconfig -icl -key /etc/elasticsearch/kirk-key.pem -cert /etc/elasticsearch/kirk.pem -cacert /etc/elasticsearch/root-ca.pem -nhnv
### or run ./sgadmin_demo.sh
### To use the Search Guard Configuration GUI see http://docs.search-guard.com/v6/configuration-gui
### To access your Search Guard secured cluster open https://<hostname>:<HTTP port> and log in with admin/admin.
### (Ignore the SSL certificate warning because we installed self-signed demo certificates)

root@ip-10-0-0-110:/usr/share/elasticsearch/plugins/search-guard-6/sgconfig# service elasticsearch restart
* Stopping Elasticsearch Server [ OK ]
* Starting Elasticsearch Server [ OK ]
root@ip-10-0-0-110:/usr/share/elasticsearch/plugins/search-guard-6/sgconfig# cd
root@ip-10-0-0-110:~# sudo /usr/share/elasticsearch/plugins/search-guard-6/tools/sgadmin.sh -cd /usr/share/elasticsearch/plugins/search-guard-6/sgconfig -icl -key /etc/elasticsearch/kirk-key.pem -cert /etc/elasticsearch/kirk.pem -cacert /etc/elasticsearch/root-ca.pem -nhnv
WARNING: JAVA_HOME not set, will use /usr/bin/java
Search Guard Admin v6
Will connect to localhost:9300 ... done
Elasticsearch Version: 6.1.3
Search Guard Version: 6.1.3-21.0
Connected as CN=kirk,OU=client,O=client,L=Test,C=DE
Contacting elasticsearch cluster 'elasticsearch' and wait for YELLOW clusterstate ...
Clustername: searchguard_demo
Clusterstate: YELLOW
Number of nodes: 1
Number of data nodes: 1
searchguard index already exists, so we do not need to create one.
INFO: searchguard index state is YELLOW, it seems you miss some replicas
Populate config from /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/
Will update 'sg/config' with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_config.yml
   FAIL: Configuration for 'config' failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]
Will update 'sg/roles' with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_roles.yml
   FAIL: Configuration for 'roles' failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]
Will update 'sg/rolesmapping' with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_roles_mapping.yml
   FAIL: Configuration for 'rolesmapping' failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]
Will update 'sg/internalusers' with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_internal_users.yml
   FAIL: Configuration for 'internalusers' failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]
Will update 'sg/actiongroups' with /usr/share/elasticsearch/plugins/search-guard-6/sgconfig/sg_action_groups.yml
   FAIL: Configuration for 'actiongroups' failed because of java.lang.IllegalArgumentException: Rejecting mapping update to [searchguard] as the final mapping would have more than 1 type: [sg, doc]
FAIL: Expected 1 nodes to return response, but got only 0
Done with failures

I got error as below

Search Guard not initialized (SG11). See http://docs.search-guard.com/v6/sgadmin

--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/e7098f7a-c873-414d-91c4-6e8b9019c4e7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.