-
Notifications
You must be signed in to change notification settings - Fork 24.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ES 2.0 rpm does not create /home/elasticsearch #14453
Comments
The value of HOME used when creating the elasticsearch user should probably be set to something other than /home/elasticsearch that exists and has executable permissions for the elasticsearch user. In the interim, you can just set HOME to something else, like |
I just have the puppet role create /home/elasticseach. Its a packaging bug, creating a user with the wrong home directory set. Either create the home directory, or like you said, set home to /var/lib/elasticsearch or whatever. |
On 2.0 it doesn't look like we're setting the home directory, no? https://github.com/elastic/elasticsearch/blob/2.0/distribution/src/main/packaging/scripts/preinst#L67 Is this user not a hangover from a previous installation? |
If we don't set the home directory, I think it defaults to whatever the base home directory is in /etc/default/useradd plus the username. So usually this ends up being |
@clintongormley I don't think that the file has changed since 1.6 at least https://github.com/elastic/elasticsearch/blob/1.6/src/packaging/common/scripts/preinst#L67 Before that, it was using the specific scripts: https://github.com/elastic/elasticsearch/blob/1.4/src/rpm/scripts/preinstall I went ahead and installed ES 1.4.3, 1.7.3, and ES 2.0.0 (in reverse order) onto a CentOS 7 VM via |
In ES 1.6 an effort has been made to unify the behaviour of package & install scripts among the different Linux distributions and I think the change has been made at this time. Elasticsearch does not need any home directory to work so it is not created by the scripts. Depending of the distribution, |
I don't know what the original version of ES was installed on that cluster, but somewhere along the line /home/elasticsearch was created. It was a cron job failing on a redeploy that kicked out the message. If it's not expected to create it, then I guess it's not a bug. If I look at most other "system type" users in RHEL/CentOS they normally set the homedir to / in the passwd file, or in the case of some services that store a lot of data, their var dir. Debian seems to just create a /home/USER dir for non data storing services. TLDR; Seems weird to create a user with a home directory that doesn't exist. I'd vote either create the dir (to be consistent with debian), or point it to / to be consistent RHEL. |
/home/elasticsearch is also useful to house .java.policy files as discussed here: https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-scripting-security.html#_customising_the_classloader_whitelist |
Just extend the |
Guys are you planning first anniversary celebration because it is almost 1 year old!? The bug #20599 which was closed as duplicate was actually better titled because the problem is not that home directory is not being created but because the correct one is undefined during user creation in rpm. JakeFromTheDark solution is correct. The other is similar but with /var/lib/elasticsearch set as home dir. Pretty please with a sugar on top fix it :) |
This commit adds setting the homedir for the elasticsearch user to the adduser command in the packaging preinstall script. While the elasticsearch user is a system user, it is sometimes conventient to have an existing homedir (even if it is not writeable). For example, running cron as the elasticsearch user will try to change dir to the homedir. closes elastic#14453
This commit adds setting the homedir for the elasticsearch user to the adduser command in the packaging preinstall script. While the elasticsearch user is a system user, it is sometimes conventient to have an existing homedir (even if it is not writeable). For example, running cron as the elasticsearch user will try to change dir to the homedir. closes #14453
This commit adds setting the homedir for the elasticsearch user to the adduser command in the packaging preinstall script. While the elasticsearch user is a system user, it is sometimes conventient to have an existing homedir (even if it is not writeable). For example, running cron as the elasticsearch user will try to change dir to the homedir. closes #14453
The issue is still prevalent in Elasticsearch 6.x where the Confirmed with package |
@prupert It was an intentional decision to explicitly not create the home dir, as |
Although I'm not sure setting an invalid home directory is the right way to prevent/nudge users not to run cron with the Thank you for your reply. I will discontinue using the |
Causes issue if you try to run a cron job as the ES user. Issue on centos 6, package from the repo.
The text was updated successfully, but these errors were encountered: