After an upgrade of ES to 6.2.2, we find we have a file named jvm.options.dpkg-dist, as our jvm.options file is modified and pushed with puppet.
On startup, SG is trying to read this file, and failing, causing elasticsearch to not start.
The read failure is due to the permissions on jvm.options.dpkg-dist being set root:elasticsearch 600 by dpkg.
The question is, why is SG trying to read this file in the first place? It’s irrelevant and does not contain any info for our environment.
We could fix this by having puppet set the permissions correctly on this file, but that seems unnecessary for a file we don’t want to read anyway.
Search Guard and Elasticsearch version: 6.2.2
Installed and used enterprise modules, if any: no modules
JVM version: openjdk-8-jre-headless:amd64 8u151-b12-0ubuntu0.16.04.2
Operating system version: Ubuntu 16.04.3 LTS
Search Guard configuration files: n/a
Other installed Elasticsearch or Kibana plugins, if any: none
Elasticsearch log messages on debug level:
[2018-02-27T11:20:39,251][ERROR][c.f.s.SearchGuardPlugin ] ElasticsearchSecurityException[Unable to digest file]; nested: AccessDeniedException[/etc/elasticsearch/jvm.options.dpkg-dist];
[2018-02-27T11:20:39,262][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [hostname] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.IllegalStateException: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]