- Search Guard 5.2.2
- Elasticsearch version 5.2.2
- JVM version 1.8.0_112-b15
- operating system version CentOS Linux release 7.3.1611 (Core)
- Number of nodes in your cluster: 2
- Description of the bug:
I’m having some problems with roles, so I created a new index and trying to search it using a user x and here’s my config for that:
sg_tralala:
cluster:
- CLUSTER_COMPOSITE_OPS_RO
indices:
'logstash-tralala-*':
'*':
- READ
- indices:admin/mappings/fields/get*
'?kibana-tralala':
'*':
- ALL
and then I got this error on kibana:
Courier Fetch Error: unhandled courier request error: [security_exception] no permissions for indices:data/read/mget
and this error on ES logs:
No perm match for User [name=laghao, roles=[]] [IndexType [index=.kibana-tralala,type=index-pattern]] [Action [indices:data/read/mget]] [RolesChecked [tralala]]
There seems to be an error in the sg_roles_mapping.yml. Accroding to the output in the logfile, your user is mapped to the group tralala, not sg_tralala:
[RolesChecked [tralala]]
Please check your sg_role_mapping.yml file. If you still have problems, please post the mapping here.
···
On Wednesday, May 10, 2017 at 1:12:12 PM UTC+2, Oucema Bellagha wrote:
- Search Guard 5.2.2
- Elasticsearch version 5.2.2
- JVM version 1.8.0_112-b15
- operating system version CentOS Linux release 7.3.1611 (Core)
- Number of nodes in your cluster: 2
- Description of the bug:
I’m having some problems with roles, so I created a new index and trying to search it using a user x and here’s my config for that:
sg_tralala:
cluster:
- CLUSTER_COMPOSITE_OPS_RO
indices:
'logstash-tralala-*':
'*':
- READ
- indices:admin/mappings/fields/ get*
'?kibana-tralala':
'*':
- ALL
and then I got this error on kibana:
Courier Fetch Error: unhandled courier request error: [security_exception] no permissions for indices:data/read/mget
and this error on ES logs:
No perm match for User [name=laghao, roles=[]] [IndexType [index=.kibana-tralala,type=index-pattern]] [Action [indices:data/read/mget]] [RolesChecked [tralala]]
Hi thanks for the feedback, Actually the definition of CLUSTER_COMPOSITE_OPS_RO and CLUSTER_COMPOSITE_OPS was missing on the file sg_actions_groups.yml.
I have another question just to know if I can update all my cluster easily or stay on this version so as I wrote I’m on the versions 5.2.2 and I want to update to 5.4. Is there any problems with updates that can affect my environment and should I install a new netty-tcnative-1.1.33.Fork25-linux-x86_64.jar If so which version?
Regards and thanks,
···
On Wednesday, May 10, 2017 at 5:11:53 PM UTC+2, Jochen Kressin wrote:
There seems to be an error in the sg_roles_mapping.yml. Accroding to the output in the logfile, your user is mapped to the group tralala, not sg_tralala:
[RolesChecked [tralala]]
Please check your sg_role_mapping.yml file. If you still have problems, please post the mapping here.
On Wednesday, May 10, 2017 at 1:12:12 PM UTC+2, Oucema Bellagha wrote:
- Search Guard 5.2.2
- Elasticsearch version 5.2.2
- JVM version 1.8.0_112-b15
- operating system version CentOS Linux release 7.3.1611 (Core)
- Number of nodes in your cluster: 2
- Description of the bug:
I’m having some problems with roles, so I created a new index and trying to search it using a user x and here’s my config for that:
sg_tralala:
cluster:
- CLUSTER_COMPOSITE_OPS_RO
indices:
'logstash-tralala-*':
'*':
- READ
- indices:admin/mappings/fields/ get*
'?kibana-tralala':
'*':
- ALL
and then I got this error on kibana:
Courier Fetch Error: unhandled courier request error: [security_exception] no permissions for indices:data/read/mget
and this error on ES logs:
No perm match for User [name=laghao, roles=[]] [IndexType [index=.kibana-tralala,type=index-pattern]] [Action [indices:data/read/mget]] [RolesChecked [tralala]]