Run elastic search as root user

Santosh Hegde picture Santosh Hegde · Nov 23, 2016 · Viewed 60.7k times · Source

Im getting below error when i tried to start elastic search 5.0 with command ./elasticsearch and getting below error.

[2016-11-23T13:44:09,507][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.RuntimeException: can not run elasticsearch as root
    at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:116) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:103) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.cli.SettingCommand.execute(SettingCommand.java:54) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:96) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.cli.Command.main(Command.java:62) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:80) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:73) ~[elasticsearch-5.0.1.jar:5.0.1]
Caused by: java.lang.RuntimeException: can not run elasticsearch as root
    at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:96) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:155) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:286) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:112) ~[elasticsearch-5.0.1.jar:5.0.1]
    ... 6 more

I tried to start by switching to other user and tried sudo ./elasticsearch and got the same error. How to start elastic search as root user ?

Answer

Devasish picture Devasish · Nov 13, 2018

Elasticsearch can't be run an root user. Elasticsearch itself restricts this. A new user named elasticsearch and group named elasticsearch is automatically created when we install elasticsearch. Can check entries by using following commands

$ sudo less /etc/passwd | grep "elasticsearch"
$ sudo less /etc/group | grep "elasticsearch"

We need to change ownership of all elasticsearch related files. Please follow the steps mentioned below.

Steps:

1.Change owership of all ES related files from root to elasticsearch using example cmd below.

$ sudo chown elasticsearch:elasticsearch -R /usr/share/elasticsearch
$ sudo chown elasticsearch:elasticsearch -R /var/log/elasticsearch
$ sudo chown elasticsearch:elasticsearch -R /var/lib/elasticsearch
$ sudo chown elasticsearch:elasticsearch -R /etc/default/elasticsearch
$ sudo chown elasticsearch:elasticsearch -R /etc/elasticsearch

2.Open /etc/default/elasticsearch file and do the following things

  a)JAVA_HOME=your/java/home/path
  b)add the following entries at the end
      i)   START_DAEMON=true
      ii)  ES_USER=elasticsearch
      iii) ES_GROUP=elasticsearch

3.Now enable elasticsearch service and start

  $ sudo systemctl enable elasticsearch
  $ sudo systemctl start elasticsearch
  $ sudo systemctl status elasticsearch

4.Test elasticsearch by using curl. Say your host ip is 192.168.5.194 and ES running on port 9200

$ curl -X GET ‘192.168.5.194:9200’

DONE!!

Ref. : https://stackoverflow.com/a/48390311/1445978