Improve documentation for package distributions folder access rights #29578
Labels
:Delivery/Packaging
RPM and deb packaging, tar and zip archives, shell and batch scripts
>docs
General docs changes
Team:Delivery
Meta label for Delivery team
Comments
jasontedor
added
the
:Delivery/Packaging
|
Pinging @elastic/es-core-infra |
|
The changes in #26412 were explicitly to fix this problem of access writes. By using setgid, all files under elasticsearch will have write permission for the elasticsearch user (through group write). Additionally, as of 6.3.0, creating the keystore will no longer be necessary directly, as it is created on package installation. Given those points, I'm going to close this as I don't think there is anything necessary to change in the docs. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Setting up the Elastic Stack https://www.elastic.co/guide/en/elasticsearch/reference/current/settings.html mentions that for the package distributions, the config directory location defaults to /etc/elasticsearch and this can be changed. When setting up security with keystore (https://www.elastic.co/guide/en/elasticsearch/reference/current/secure-settings.html) and following 'All commands here should be run as the user which will run Elasticsearch.' the elasticsearch user does not have access rights to /etc/elasticsearch as intended and explained in #26412
I would propose to state clearer that for package distributions special care must be taken, e.g. changing the default path or running bin/elasticsearch-keystore create with elevated rights in this case.
The text was updated successfully, but these errors were encountered: