Elasticsearch 无法打开日志文件:权限被拒绝

Elasticsearch 无法打开日志文件:权限被拒绝

错误

我在 CentOS 上安装了 Elasticsearch rpm,当我尝试通过以下方式启动它时遇到此错误systemctl start elasticsearch

Feb 20 21:08:34 server.cberdata.org systemd[1]: Started Elasticsearch.
Feb 20 21:08:34 server.cberdata.org elasticsearch[4226]: OpenJDK 64-Bit Server VM warning: Cannot open file /var/log/elasticsearch/gc.log due to Permission denied
Feb 20 21:08:51 server.cberdata.org systemd[1]: elasticsearch.service: main process exited, code=exited, status=78/n/a
Feb 20 21:08:51 server.cberdata.org systemd[1]: Unit elasticsearch.service entered failed state.
Feb 20 21:08:51 server.cberdata.org systemd[1]: elasticsearch.service failed.

尤其: Cannot open file /var/log/elasticsearch/gc.log due to Permission denied


权限

权限/var

drwxr-xr-x  21 root root  4096 Feb 11 19:10 var

权限/var/log

drwxrwxr--  12 root  root   4096 Feb 20 21:00 log

权限/var/log/elasticsearch

drwxrwxrwx  2 elasticsearch elasticsearch        4096 Feb 20 20:56 elasticsearch

权限/var/log/elasticsearch/gc.log
(我手动创建以查看是否有帮助,但这样做对错误没有影响):

-rwxrwxrwx  1 elasticsearch elasticsearch      0 Feb 20 20:56 gc.log

/var/log将权限设置为drwxrwxrwx似乎可以解决问题,但我对此犹豫不决,因为它似乎不安全,并且会导致这些新错误:

/etc/cron.daily/logrotate:
error: skipping "/var/log/exim_mainlog" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

我是否正确地认为systemctl/systemd正在以用户身份运行此服务elasticsearch?如果这样做,文件及其目录的所有者(具有明显的读/写/执行权限)怎么可能没有打开该文件的权限?

答案1

该目录/var/log774权限。由于未设置执行位,elasticsearch 用户无法遍历目录来获取elasticsearch目录和gc.log其中包含的文件。

通常,该/var/log目录具有755权限,否则除 root 之外的任何人运行的服务或应用程序都无法写入该目录。

您可以使用以下方法修复它:

chmod 755 /var/log

您也不需要拥有777elasticsearch 目录和日志文件的权限。可以使用上述命令的变体来设置权限:

chmod -R 755 /var/log/elasticsearch

答案2

您仍然可以立即访问它,如下所示:

sudo nano /var/log/elasticsearch/elasticsearch.log

相关内容