New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Option to run ES as root not recognized #18688
Comments
Sorry for the chaos here. Elasticsearch previously permitted multiple ways of specifying settings and system properties, and entangled system properties and settings (each got converted to the other). Additionally, settings use to be extremely lenient. In Elasticsearch 5.0.0, we are attempting to make progress on these fronts. Now, all settings must be registered. Additionally, we have removed some of the multiple ways of specifying settings and system properties, and removed the entanglement between settings and system properties. Some of that work was in-progress when 5.0.0-alpha2 shipped. That's what you're running into here. In particular, you can't pass system properties as In 5.0.0-alpha3, all of this has been cleaned up. The entanglement between system properties and settings has been removed. This means that the system property The 5.0.0-alpha3 was released yesterday and is free of this problem. If you have a chance to download and try it out, I'd appreciate feedback on whether or not it worked out for you. That said, I would like to know your use case for running as root? I think that eventually it would be nice if we could remove this functionality while continuing to disallow running as root. |
I'll DL apha3 right now and re-test. Sorry about that. As for my use case, I wish I had a great one for you. I ended up running into a lot of one-off issues that were just more easily resolved by running as root. If I recall it had something to do with the fact that I was installing via the tar/zip files, and they did not include init scripts (like the Repo versions do), so I had written my own, and wasn't able, at the time, to figure out how to get an init script to run the process as a different user other than root. |
Thanks for the feedback @dayjavid! 😄
The reason that the services must be started as the root user is exactly so that the scripts can launch the processes as the elasticsearch user.
It sounds like it might be okay then if we push to remove this sooner rather than later. Am I reading you correctly? |
I will make sure that when I migrate to 5.0 I will be able to run as non-root, yes. |
Sounds like there is nothing left to do here, closing |
Thanks @dayjavid. 😄 |
Elasticsearch version:
5.0.0-alpha2
JVM version:
openjdk version "1.8.0_51"
OpenJDK Runtime Environment (build 1.8.0_51-b16)
OpenJDK 64-Bit Server VM (build 25.51-b03, mixed mode)
OS version:
uname -a
Linux ***** 2.6.32-504.8.1.el6.centos.plus.x86_64 # 1 SMP Wed Jan 28 20:58:59 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Description of the problem including expected versus actual behavior:
It was found, in previous versions, that to run Elasticsearch as root (Even though not recommended) was possible by running bin/elasticsearch with the -Des.insecure.allow.root=true option set.
I am unable to run ES as root in the new versions using this param. On the command line, it outputs the following:
I tried setting the option in the java.options file and I see that it is correctly passing the if check on line 90 of Bootstrap.java evident by the log output, however, it then throws an 'unknown setting' error for IllegalArgumentException (log output below).
Provide logs (if relevant):
The text was updated successfully, but these errors were encountered: