-
Notifications
You must be signed in to change notification settings - Fork 24.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Elasticsearch starts with security manager exceptions #21932
Comments
Elasticsearch ships a default jvm.options file that includes the option |
Great thanks I didn't notice that the updated rc script and elasticsearch.in.sh was not pulling this in correctly, I will fix the FreeBSD port. Thanks! |
what answer about this question ? |
@bifenghui try to check your elasticsearch directory owner, I just got this error and found chown -R to proper user fixed it. |
@binjo Thank you, I have solved this problem。As you reply |
@binjo Your answer is help me. |
@binjo I have the same problem, but I can't resolve it with above means. |
When I start elasticsearch, I have the same problem: Exception in thread "main" java.lang.IllegalStateException: status logger logged an error before logging was configured |
I have changed ownership of below folders and it worked for me hown -R rajiv:mygroup /usr/share/elasticsearch chown -R rajiv:mygroup /var/run/elasticsearch/ Also changed below in /etc/init.d/elasticsearch #ES_USER="elasticsearch" |
@saliormoon @rajivkuriakose I think you have installed Elasticsearch from a package but are starting it by trying to invoke /usr/share/elasticsearch/bin/elasticsearch rather than starting from the service (e.g.,
|
Thanks,the problem has been resolved. |
Thanks! |
ElasticSeearch service is not allowed to run for "ROOT" user. That's why change the ownership of elasticsearch folder with below command: |
Hello @rajiv180984 , I have a doubt it may be coming from the jvm.options not being properly loaded or not having the proper access rights. Can you please help? Am using the following command to start Elasticsearch , sudo -u elasticsearch /usr/share/elasticsearch/bin/elasticsearch Thanks, Faldeen |
Hi @FaldeenOozeer |
@FaldeenOozeer Please read Jason's comment here: #21932 (comment) |
Please, explain me that. I've install ES 5.X from puppet module (https://forge.puppet.com/elasticsearch/elasticsearch) which could be run as service - it's started correctly but suddenly crash on: Exception: java.security.AccessControlException thrown from the UncaughtExceptionHandler in thread "Thread-2" I've already checked for ownership and it's correct. So, what could be? How could I fix it? |
@gstolarz-euvic Please use the forum. We use GitHub for verified bugs and feature requests, and use the forum for general questions. |
This change is backwards compatible since the ELK tools at version 5.x remain unchanged. The test suite now both tests ELK-5 and ELK-6. (cherry picked from commit 803077e)
Elasticsearch version: 5.0.2
Plugins installed: []
JVM version: openjdk version "1.8.0_112"
OS version: FreeBSD 10.3-RELEASE-p4 amd64
Description of the problem including expected versus actual behavior: Elasticsearch starts with security manager exceptions related to installing MBeans. Possibly caused by #21716
Steps to reproduce:
Provide logs (if relevant):
2016-12-02 11:23:11,825 main ERROR Could not register mbeans java.security.AccessControlException: access denied ("javax.management.MBeanTrustPermission" "register")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:585)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.checkMBeanTrustPermission(DefaultMBeanServerInterceptor.java:1848)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerMBean(DefaultMBeanServerInterceptor.java:322)
at com.sun.jmx.mbeanserver.JmxMBeanServer.registerMBean(JmxMBeanServer.java:522)
at org.apache.logging.log4j.core.jmx.Server.register(Server.java:390)
at org.apache.logging.log4j.core.jmx.Server.reregisterMBeansAfterReconfigure(Server.java:167)
at org.apache.logging.log4j.core.jmx.Server.reregisterMBeansAfterReconfigure(Server.java:140)
at org.apache.logging.log4j.core.LoggerContext.setConfiguration(LoggerContext.java:507)
at org.apache.logging.log4j.core.LoggerContext.start(LoggerContext.java:249)
at org.apache.logging.log4j.core.impl.Log4jContextFactory.getContext(Log4jContextFactory.java:206)
at org.apache.logging.log4j.core.config.Configurator.initialize(Configurator.java:219)
at org.apache.logging.log4j.core.config.Configurator.initialize(Configurator.java:196)
at org.elasticsearch.common.logging.LogConfigurator.configureStatusLogger(LogConfigurator.java:125)
at org.elasticsearch.common.logging.LogConfigurator.configureWithoutConfig(LogConfigurator.java:67)
at org.elasticsearch.cli.Command.main(Command.java:59)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:89)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:82)
2016-12-02 11:23:12,121 main ERROR Could not register mbeans java.security.AccessControlException: access denied ("javax.management.MBeanTrustPermission" "register")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:585)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.checkMBeanTrustPermission(DefaultMBeanServerInterceptor.java:1848)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerMBean(DefaultMBeanServerInterceptor.java:322)
at com.sun.jmx.mbeanserver.JmxMBeanServer.registerMBean(JmxMBeanServer.java:522)
at org.apache.logging.log4j.core.jmx.Server.register(Server.java:390)
at org.apache.logging.log4j.core.jmx.Server.reregisterMBeansAfterReconfigure(Server.java:167)
at org.apache.logging.log4j.core.jmx.Server.reregisterMBeansAfterReconfigure(Server.java:140)
at org.apache.logging.log4j.core.LoggerContext.setConfiguration(LoggerContext.java:507)
at org.apache.logging.log4j.core.LoggerContext.start(LoggerContext.java:249)
at org.elasticsearch.common.logging.LogConfigurator.configure(LogConfigurator.java:116)
at org.elasticsearch.common.logging.LogConfigurator.configure(LogConfigurator.java:83)
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:254)
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:121)
at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:112)
at org.elasticsearch.cli.SettingCommand.execute(SettingCommand.java:54)
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:96)
at org.elasticsearch.cli.Command.main(Command.java:62)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:89)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:82)
Exception: java.security.AccessControlException thrown from the UncaughtExceptionHandler in thread "Thread-2"
The text was updated successfully, but these errors were encountered: