search guard 0.5 prevents ES 1.7.1 from starting

Hey guys,

I’d like to use an open source alternative to shield on my own non-work project. So I’ve read about floragunn search guard, but not had much luck with it.

With the plugin installed

#plugin --list

Installed plugins:

  • search-guard

ES simply fails to start:

#service elasticsearch start

Starting elasticsearch (via systemctl): [ OK ]

#systemctl status elasticsearch

elasticsearch.service - Elasticsearch

Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled)

Active: failed (Result: exit-code) since Thu 2015-09-03 22:30:22 EDT; 40s ago

Docs: http://www.elastic.co

Process: 24149 ExecStart=/usr/share/elasticsearch/bin/elasticsearch -Des.pidfile=$PID_DIR/elasticsearch.pid -Des.default.path.home=$ES_HOME -Des.default.path.logs=$LOG_DIR -Des.default.path.data=$DATA_DIR -Des.default.config=$CONF_FILE -Des.default.path.conf=$CONF_DIR (code=exited, status=3)

Main PID: 24149 (code=exited, status=3)

Sep 03 22:30:19 es3 elasticsearch[24149]: at org.elasticsearch.bootstrap.Bootstrap.setupLogging(Bootstrap.java:131)

Sep 03 22:30:19 es3 elasticsearch[24149]: at org.elasticsearch.bootstrap.Bootstrap.main(Bootstrap.java:216)

Sep 03 22:30:19 es3 elasticsearch[24149]: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:32)

Sep 03 22:30:19 es3 elasticsearch[24149]: log4j:ERROR Either File or DatePattern options are not set for appender [access_log].

Sep 03 22:30:21 es3 elasticsearch[24149]: {1.7.1}: Initialization Failed …

Sep 03 22:30:21 es3 elasticsearch[24149]: - ExecutionError[java.lang.NoClassDefFoundError: org/elasticsearch/common/ContextHolder]

Sep 03 22:30:21 es3 elasticsearch[24149]: NoClassDefFoundError[org/elasticsearch/common/ContextHolder]

Sep 03 22:30:21 es3 elasticsearch[24149]: ClassNotFoundException[org.elasticsearch.common.ContextHolder]

Sep 03 22:30:22 es3 systemd1: elasticsearch.service: main process exited, code=exited, status=3/NOTIMPLEMENTED

Sep 03 22:30:22 es3 systemd1: Unit elasticsearch.service entered failed state.

As soon as I remove search-guard, I appear to be back in business:

#plugin --remove search-guard

-> Removing search-guard…

Removed search-guard

#service elasticsearch start

Starting elasticsearch (via systemctl): [ OK ]

#systemctl status elasticsearch

elasticsearch.service - Elasticsearch

Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled)

Active: active (running) since Thu 2015-09-03 22:41:32 EDT; 1min 5s ago

Docs: http://www.elastic.co

Main PID: 25025 (java)

CGroup: /system.slice/elasticsearch.service

└─25025 /bin/java -Xms1g -Xmx1g -Djava.awt.headless=true -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75…

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.apache.log4j.PropertyConfigurator.parseAppender(PropertyConfigurator.java:842)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.apache.log4j.PropertyConfigurator.parseCategory(PropertyConfigurator.java:768)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.apache.log4j.PropertyConfigurator.parseCatsAndRenderers(PropertyConfigurator.java:672)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.apache.log4j.PropertyConfigurator.doConfigure(PropertyConfigurator.java:516)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.apache.log4j.PropertyConfigurator.configure(PropertyConfigurator.java:440)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.elasticsearch.common.logging.log4j.LogConfigurator.configure(LogConfigurator.java:112)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.elasticsearch.bootstrap.Bootstrap.setupLogging(Bootstrap.java:131)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.elasticsearch.bootstrap.Bootstrap.main(Bootstrap.java:216)

Sep 03 22:41:33 es3 elasticsearch[25025]: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:32)

Sep 03 22:41:33 es3 elasticsearch[25025]: log4j:ERROR Either File or DatePattern options are not set for appender [access_log].

I installed version 0.5. Maybe the problem is with the version I installed? I’ve found no version matrix on the project page on github the way I normally do on other plugin pages.

Here’s the github page for the project:

Search Guard Security Plugin for ES 1.6

I didn’t find a version for 1.7, so I tried the version for 1.6 hoping for backward compatibility.

Just wondering if anyone has any experience with this plugin in getting it to work under ES 1.7.1. I’m running this on CentOS 7.

Hello,

Searchguard is not compatible with ElasticSearch > 1.6.2 yet.
Best Regards

That (1.6) was released back in June…1.7 came out in July… seems to be taking a while…

···

On Friday, September 4, 2015 at 5:27:52 AM UTC-4, simon....@gmail.com wrote:

Hello,

Searchguard is not compatible with ElasticSearch > 1.6.2 yet.
Best Regards

Search Guard for ES 1.7.3 now available: https://github.com/floragunncom/search-guard/tree/es1.7

···

Am Freitag, 4. September 2015 16:52:53 UTC+2 schrieb Tim Dunphy:

That (1.6) was released back in June…1.7 came out in July… seems to be taking a while…

On Friday, September 4, 2015 at 5:27:52 AM UTC-4, simon....@gmail.com wrote:

Hello,

Searchguard is not compatible with ElasticSearch > 1.6.2 yet.
Best Regards