43

I'm getting the error below when I try to start ElasticSearch 5.0 with ./elasticsearch:

[2016-11-23T13:44:09,507][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.RuntimeException: can not run elasticsearch as root
    at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:116) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:103) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.cli.SettingCommand.execute(SettingCommand.java:54) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:96) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.cli.Command.main(Command.java:62) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:80) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:73) ~[elasticsearch-5.0.1.jar:5.0.1]
Caused by: java.lang.RuntimeException: can not run elasticsearch as root
    at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:96) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:155) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:286) ~[elasticsearch-5.0.1.jar:5.0.1]
    at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:112) ~[elasticsearch-5.0.1.jar:5.0.1]
    ... 6 more

I switched to another user and tried sudo ./elasticsearch and got the same error.

How do I start ElasticSearch as the root user?

alex
  • 6,818
  • 9
  • 52
  • 103
Santosh Hegde
  • 3,420
  • 10
  • 35
  • 51
  • Second line: `java.lang.RuntimeException: can not run elasticsearch as root`. And again later: `Caused by: java.lang.RuntimeException: can not run elasticsearch as root`. – Gavin Nov 23 '16 at 13:52

12 Answers12

30

Elasticsearch can't be run an root user. Elasticsearch itself restricts this. A new user named elasticsearch and group named elasticsearch is automatically created when we install elasticsearch. Can check entries by using following commands 

$ sudo less /etc/passwd | grep "elasticsearch"
$ sudo less /etc/group | grep "elasticsearch"

We need to change ownership of all elasticsearch related files. Please follow the steps mentioned below.

Steps:

1.Change owership of all ES related files from root to elasticsearch using example cmd below. 

$ sudo chown elasticsearch:elasticsearch -R /usr/share/elasticsearch
$ sudo chown elasticsearch:elasticsearch -R /var/log/elasticsearch
$ sudo chown elasticsearch:elasticsearch -R /var/lib/elasticsearch
$ sudo chown elasticsearch:elasticsearch -R /etc/default/elasticsearch
$ sudo chown elasticsearch:elasticsearch -R /etc/elasticsearch

2.Open /etc/default/elasticsearch file and do the following things

  a)JAVA_HOME=your/java/home/path
  b)add the following entries at the end
      i)   START_DAEMON=true
      ii)  ES_USER=elasticsearch
      iii) ES_GROUP=elasticsearch

3.Now enable elasticsearch service and start

  $ sudo systemctl enable elasticsearch
  $ sudo systemctl start elasticsearch
  $ sudo systemctl status elasticsearch

4.Test elasticsearch by using curl. Say your host ip is 192.168.5.194 and ES running on port 9200

$ curl -X GET ‘192.168.5.194:9200’

DONE!!

Ref. : https://stackoverflow.com/a/48390311/1445978

Devasish
  • 1,917
  • 2
  • 22
  • 32
  • Only step 1 was enough for me. I followed this: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-elasticsearch-on-ubuntu-22-04 and then did the permission changes mentioned in step 1 of this answer. – hafiz031 Dec 11 '22 at 05:18
  • step 2 - for RPM system like centOS, Rocky - the default is in "/etc/sysconfig/elasticsearc" – yehonatan yehezkel Jun 11 '23 at 09:13
11

Root cause of this issue is: ElasticSearch is not allowed to run from root owner. There is another possiblity for this issue "Java path is set for root user only not for all other users". Solution of this issue:

Step 1: Change the ownership of elasticSearch directory from root to other user by command. $sudo chown -R current_User:Group_Name elasticsearch-5.5.0

Setp 2: Check Java set in classpath for current user[not only for root]. If command : $java -version or echo $JAVA_HOME command giving empty result. That means we should set Java in classpath [system env varible] for current user then Follow Step 3. otherwise start elasticsearch service.

Step 3: Edit /etc/profile and add two lines as per your system dir export JAVA_HOME="Java dir location"

export PATH=$JAVA_HOME/bin:$PATH Run $source source /etc/profile

After this run elasticSearch service. It worked for me perfectly.

Rajeev Rathor
  • 1,830
  • 25
  • 20
5

There are two ways to solve this problem :

Method1: download zip file n unzip then start by following command

bin/elasticsearch -Des.insecure.allow.root=true -d

Method2:

vi bin/elasticsearch

Add property for allow root:

ES_JAVA_OPTS="-Des.insecure.allow.root=true"

Save and close. You can start by root now.

truekiller
  • 470
  • 6
  • 19
  • In order for method 1 to work for me I had to add an -E flag before the setting change. `bin/eleasticsearch -E -Des.insecure.allow.root=true -d` – BrettJ Oct 29 '19 at 10:08
  • 5
    This workaround does not work anymore. Seems they just removed this option completely. It definitely doesn't work for ES 7.X. Maybe for some earlier versions as well. – VAD May 26 '20 at 13:11
4

I had the same problem and I had to connect with another user. But first, I had to grant him the rights to execute the bin/elasticsearch.

KatKat
  • 41
  • 2
3

A little late reply, but relevant still now. I faced the same problem when i followed this, the last resort was to change the ownership of the folders which got un-zipped.

Just did sudo chown <nonrootuser> <unzipped-es-folder> -R does the trick.

P.S i was doing it on Ubuntu 17.04 LTS.

samairtimer
  • 826
  • 2
  • 12
  • 28
3

If you're trying to run with systemd or as a service make sure that your .service file is running as user and group elasticsearch. You can specify your user and group under the Service field.

It's usually located in /etc/systemd/system/elasticsearch.service:

[Service]
Type=simple
ExecStart=/usr/share/elasticsearch/bin/elasticsearch
Restart=on-failure
RestartSec=10
KillMode=process
User=elasticsearch
Group=elasticsearch
double-beep
  • 5,031
  • 17
  • 33
  • 41
Woody
  • 125
  • 8
  • works like a charm, I am setting up second ES instances on the single box this resolved my issue. – Allen Mar 31 '21 at 13:28
1

Its a common mistake run bin/elasticsearch from the root folder.

Mahendra S. Chouhan
  • 495
  • 4
  • 8
  • 1
    Agreed. There is a reason ElasticSearch shouldn't run as root. Please refer to this document https://www.elastic.co/blog/bootstrap_checks_annoying_instead_of_devastating. They did it to prevent support issue in production environment. Some argued that they are running in docker environment, and it should be handled otherwise. Please refer to this https://discuss.elastic.co/t/why-is-it-elasticsearch-is-not-allowed-to-run-as-root/60413 Bottom line. Be careful and understand what you are doing. – g5thomas Apr 25 '20 at 13:51
1

Why to run everything as a root user. Use a normal user instead of root user.

Switch to normal user and run it. If you don't have a any other user refer to Linuxize document on creating a user.

If you can't run it as a normal user then check the permissions for the file, Give complete access to the user over the file or folder using chmod 777 <elastic_search_folder>.

Please refer to chmod wiki document for further details.

If you want to use root user then do the following command from the elastic search folder.

./elasticsearch -Des.insecure.allow.root=true

re-run the the elastic search. It should definately work.

Sarath Chandra
  • 81
  • 1
  • 6
0

This was asked before for ES2 (How to run Elasticsearch 2.1.1 as root user in Linux machine)

The same solution may work for 5.

As stated previously, you should probably not so this..

Community
  • 1
  • 1
jpindahouse
  • 19
  • 3
0

Create a separate user without giving sudo privileges. ex: adduser elasticsearch then grant ownership of the folder to that user ex: chown -R elasticsearch:elasticsearch elasticsearch-folder then switch to that user ex: su elasticsearch Now try running the service ex: ./elasticsearch-xxx/bin/elasticsearch

ChamaraL
  • 351
  • 4
  • 7
0

-Ees.insecure.allow.root method did not work for me, as I was on version 7.9.0.

And I was too lazy to go for chown method, mentioned by @Devasish.

Instead, tried a bit lengthy one:

Create a non-root user for elastic-search:

ubuntu ~ # adduser elasticuser

Must use adduser command, not useradd. adduser will auto-create the home directory.

Copy elastic-search folder from root's home-directory to elasticuser's home-directory:

ubuntu ~ # cp -R ./elasticsearch-7.9.0 /home/elasticuser/elasticsearch-7.9.0

Switch to the non-root user:

ubuntu ~ # su - elasticuser

Now, run elastic-search from the non-root user:

elasticuser@ubuntu ~ $ ./elasticsearch-7.9.0/bin/elasticsearch
AbdulMoizHussain
  • 79
  • 3
0

On centos 8,

adduser elasticuser
chown -R elasticuser:elasticsearch /usr/share/elasticsearch/
chown -R elasticuser:elasticsearch /etc/sysconfig/elasticsearch
chown -R elasticuser:elasticsearch /etc/elasticsearch
chown -R elasticuser:elasticsearch /var/log/elasticsearch/
chown -R elasticuser:elasticsearch /var/lib/elasticsearch

To run elasticsearch:

su elasticuser
/usr/share/elasticsearch/bin/elasticsearch
Patrice G
  • 89
  • 5