Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenSearch modifies log files permissions #2139

Closed
rauldpm opened this issue Mar 23, 2023 · 18 comments · May be fixed by #2366
Closed

OpenSearch modifies log files permissions #2139

rauldpm opened this issue Mar 23, 2023 · 18 comments · May be fixed by #2366
Assignees
@AlexRuiz7
Labels
component: indexer level/task Subtask issue qa_known Issues that are already known by the QA team to-be-solved-in-fork type/bug Bug issue

Comments

@rauldpm
Copy link
Member

rauldpm commented Mar 23, 2023
edited by AlexRuiz7
Loading

Description

ERROR StatusConsoleListener Could not define attribute view on path "/var/log/wazuh-indexer/wazuh-cluster.log" got access denied
Full log 

Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: ERROR StatusConsoleListener Could not define attribute view on path "/var/log/wazuh-indexer/wazuh-cluster.log" got access denied
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessUserInformation")
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:485)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at java.base/java.security.AccessController.checkPermission(AccessController.java:1068)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:416)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.checkWriteExtended(UnixFileAttributeViews.java:195)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.setMode(UnixFileAttributeViews.java:264)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.setPermissions(UnixFileAttributeViews.java:299)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.util.FileUtils.defineFilePosixAttributeView(FileUtils.java:181)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.appender.FileManager.defineAttributeView(FileManager.java:216)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.appender.FileManager.createOutputStream(FileManager.java:203)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.createFileAfterRollover(RollingFileManager.java:421)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.rollover(RollingFileManager.java:398)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.checkRollover(RollingFileManager.java:308)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.appender.RollingFileAppender.append(RollingFileAppender.java:300)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.config.AppenderControl.tryCallAppender(AppenderControl.java:161)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.config.AppenderControl.callAppender0(AppenderControl.java:134)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.config.AppenderControl.callAppenderPreventRecursion(AppenderControl.java:125)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.config.AppenderControl.callAppender(AppenderControl.java:89)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.config.LoggerConfig.callAppenders(LoggerConfig.java:683)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.config.LoggerConfig.processLogEvent(LoggerConfig.java:641)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.config.LoggerConfig.log(LoggerConfig.java:624)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.config.LoggerConfig.log(LoggerConfig.java:560)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.config.AwaitCompletionReliabilityStrategy.log(AwaitCompletionReliabilityStrategy.java:82)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.core.Logger.log(Logger.java:163)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.spi.AbstractLogger.tryLogMessage(AbstractLogger.java:2168)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.spi.AbstractLogger.logMessageTrackRecursion(AbstractLogger.java:2122)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.spi.AbstractLogger.logMessageSafely(AbstractLogger.java:2105)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.spi.AbstractLogger.logMessage(AbstractLogger.java:1991)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.spi.AbstractLogger.logIfEnabled(AbstractLogger.java:1854)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.apache.logging.log4j.spi.AbstractLogger.info(AbstractLogger.java:1288)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.opensearch.node.Node.<init>(Node.java:428)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.opensearch.node.Node.<init>(Node.java:401)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.opensearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:242)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.opensearch.bootstrap.Bootstrap.setup(Bootstrap.java:242)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.opensearch.bootstrap.Bootstrap.init(Bootstrap.java:404)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.opensearch.bootstrap.OpenSearch.init(OpenSearch.java:180)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.opensearch.bootstrap.OpenSearch.execute(OpenSearch.java:171)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.opensearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:104)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.opensearch.cli.Command.mainWithoutErrorHandling(Command.java:138)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.opensearch.cli.Command.main(Command.java:101)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.opensearch.bootstrap.OpenSearch.main(OpenSearch.java:137)
Apr 10 09:34:58 rhel7.localdomain systemd-entrypoint[1024]: at org.opensearch.bootstrap.OpenSearch.main(OpenSearch.java:103)


Dec 07 16:01:17 wazuh-server systemd-entrypoint[997]: 2022-12-07 16:01:17,690 main ERROR Could not define attribute view on path "/var/log/wazuh-indexer/wazuh-cluster.log" got access denied ("java.lang.RuntimePermission" "accessUserInformation") java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessUserInformation")
  • Tests have been carried out on both OpenSearch 2.4.1 and OpenSearch 2.6.0 (latest version) and both present the same behavior, this can be reproduced as follows:
Steps to reproduce the error
  1. Install an AIO deployment in a VM
  2. Check file permissions (640)
  3. Shutdown VM
  4. Initialize the VM, access it, and check that the file permissions have not changed
  5. Shutdown VM, change host date (+1 day)
  6. Start VM and access it
  7. Check that the file permissions have changed (640 -> 644)
  • The tests carried out in OpenSearch following this procedure are the following:
OpenSearch 2.4.1
  • OpenSearch 2.4.1 install 
    [root@centos7 vagrant]# yum localinstall opensearch-2.4.1-linux-x64.rpm 
Loaded plugins: fastestmirror
Examining opensearch-2.4.1-linux-x64.rpm: opensearch-2.4.1-1.x86_64
Marking opensearch-2.4.1-linux-x64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package opensearch.x86_64 0:2.4.1-1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================================================================================================================================================================
 Package                                                        Arch                                                       Version                                                       Repository                                                                       Size
===============================================================================================================================================================================================================================================================================
Installing:
 opensearch                                                     x86_64                                                     2.4.1-1                                                       /opensearch-2.4.1-linux-x64                                                     747 M

Transaction Summary
===============================================================================================================================================================================================================================================================================
Install  1 Package

Total size: 747 M
Installed size: 747 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : opensearch-2.4.1-1.x86_64                                                                                                                                                                                                                                   1/1 
### NOT starting on installation, please execute the following statements to configure opensearch service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable opensearch.service
### You can start opensearch service by executing
 sudo systemctl start opensearch.service
### Create opensearch demo certificates in /etc/opensearch/
 See demo certs creation log in /var/log/opensearch/install_demo_configuration.log
  Verifying  : opensearch-2.4.1-1.x86_64                                                                                                                                                                                                                                   1/1 

Installed:
  opensearch.x86_64 0:2.4.1-1                                                                                                                                                                                                                                                  

Complete!
  • Service start and files permissions 
    [root@centos7 vagrant]# ls -l /var/log/opensearch/
total 4
-rw-r--r--. 1 opensearch opensearch 1691 Mar 23 16:05 install_demo_configuration.log
[root@centos7 vagrant]# systemctl start opensearch
[root@centos7 vagrant]# systemctl status opensearch
● opensearch.service - OpenSearch
  Loaded: loaded (/usr/lib/systemd/system/opensearch.service; disabled; vendor preset: disabled)
  Active: active (running) since Thu 2023-03-23 16:06:19 UTC; 9s ago
    Docs: https://opensearch.org/
Main PID: 3463 (java)
  CGroup: /system.slice/opensearch.service
          └─3463 /usr/share/opensearch/jdk/bin/java -Xshare:auto -Dopensearch.networkaddress.cache.ttl=60 -Dopensearch.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -XX:-OmitStackTraceI...

Mar 23 16:06:08 centos7 systemd[1]: Starting OpenSearch...
Mar 23 16:06:09 centos7 systemd-entrypoint[3463]: WARNING: A terminally deprecated method in java.lang.System has been called
Mar 23 16:06:09 centos7 systemd-entrypoint[3463]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/opensearch/lib/opensearch-2.4.1.jar)
Mar 23 16:06:09 centos7 systemd-entrypoint[3463]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
Mar 23 16:06:09 centos7 systemd-entrypoint[3463]: WARNING: System::setSecurityManager will be removed in a future release
Mar 23 16:06:10 centos7 systemd-entrypoint[3463]: WARNING: A terminally deprecated method in java.lang.System has been called
Mar 23 16:06:10 centos7 systemd-entrypoint[3463]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/share/opensearch/lib/opensearch-2.4.1.jar)
Mar 23 16:06:10 centos7 systemd-entrypoint[3463]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
Mar 23 16:06:10 centos7 systemd-entrypoint[3463]: WARNING: System::setSecurityManager will be removed in a future release
Mar 23 16:06:19 centos7 systemd[1]: Started OpenSearch.
[root@centos7 vagrant]# ls -l /var/log/opensearch/
total 284
-rw-r--r--. 1 opensearch opensearch 37822 Mar 23 16:06 gc.log
-rw-r--r--. 1 opensearch opensearch  2006 Mar 23 16:06 gc.log.00
-rw-r--r--. 1 opensearch opensearch  1691 Mar 23 16:05 install_demo_configuration.log
-rw-r-----. 1 opensearch opensearch   369 Mar 23 16:06 opensearch_deprecation.json
-rw-r-----. 1 opensearch opensearch   252 Mar 23 16:06 opensearch_deprecation.log
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_index_indexing_slowlog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_index_indexing_slowlog.log
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_index_search_slowlog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_index_search_slowlog.log
-rw-r-----. 1 opensearch opensearch 33878 Mar 23 16:06 opensearch.log
-rw-r-----. 1 opensearch opensearch 65792 Mar 23 16:06 opensearch_server.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_task_detailslog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_task_detailslog.log
[root@centos7 vagrant]# shutdown now
Connection to 127.0.0.1 closed by remote host.
  • Files permissions after reboot (Service not enabled) 
    [vagrant@centos7 ~]$ sudo su
[root@centos7 vagrant]# systemctl status opensearch
● opensearch.service - OpenSearch
  Loaded: loaded (/usr/lib/systemd/system/opensearch.service; disabled; vendor preset: disabled)
  Active: inactive (dead)
    Docs: https://opensearch.org/
[root@centos7 vagrant]# ls -l /var/log/opensearch/
total 160
-rw-r--r--. 1 opensearch opensearch 40129 Mar 23 16:06 gc.log
-rw-r--r--. 1 opensearch opensearch  2006 Mar 23 16:06 gc.log.00
-rw-r--r--. 1 opensearch opensearch  1691 Mar 23 16:05 install_demo_configuration.log
-rw-r-----. 1 opensearch opensearch   369 Mar 23 16:06 opensearch_deprecation.json
-rw-r-----. 1 opensearch opensearch   252 Mar 23 16:06 opensearch_deprecation.log
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_index_indexing_slowlog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_index_indexing_slowlog.log
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_index_search_slowlog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_index_search_slowlog.log
-rw-r-----. 1 opensearch opensearch 34578 Mar 23 16:06 opensearch.log
-rw-r-----. 1 opensearch opensearch 68007 Mar 23 16:06 opensearch_server.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_task_detailslog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_task_detailslog.log
[root@centos7 vagrant]# systemctl start opensearch
[root@centos7 vagrant]# ls -l /var/log/opensearch/
total 352
-rw-r--r--. 1 opensearch opensearch  35583 Mar 23 16:08 gc.log
-rw-r--r--. 1 opensearch opensearch   2006 Mar 23 16:06 gc.log.00
-rw-r--r--. 1 opensearch opensearch  40129 Mar 23 16:06 gc.log.01
-rw-r--r--. 1 opensearch opensearch   2006 Mar 23 16:08 gc.log.02
-rw-r--r--. 1 opensearch opensearch   1691 Mar 23 16:05 install_demo_configuration.log
-rw-r-----. 1 opensearch opensearch    738 Mar 23 16:08 opensearch_deprecation.json
-rw-r-----. 1 opensearch opensearch    504 Mar 23 16:08 opensearch_deprecation.log
-rw-r-----. 1 opensearch opensearch      0 Mar 23 16:06 opensearch_index_indexing_slowlog.json
-rw-r-----. 1 opensearch opensearch      0 Mar 23 16:06 opensearch_index_indexing_slowlog.log
-rw-r-----. 1 opensearch opensearch      0 Mar 23 16:06 opensearch_index_search_slowlog.json
-rw-r-----. 1 opensearch opensearch      0 Mar 23 16:06 opensearch_index_search_slowlog.log
-rw-r-----. 1 opensearch opensearch  65197 Mar 23 16:08 opensearch.log
-rw-r-----. 1 opensearch opensearch 126066 Mar 23 16:08 opensearch_server.json
-rw-r-----. 1 opensearch opensearch      0 Mar 23 16:06 opensearch_task_detailslog.json
-rw-r-----. 1 opensearch opensearch      0 Mar 23 16:06 opensearch_task_detailslog.log
[root@centos7 vagrant]# shutdown now
Connection to 127.0.0.1 closed by remote host.
  • Service enabled before system reboot with date change 
    vagrant@centos7 ~]$ sudo su
[root@centos7 vagrant]# ls -l /var/log/opensearch/
total 320
-rw-r--r--. 1 opensearch opensearch 37608 Mar 23 16:11 gc.log
-rw-r--r--. 1 opensearch opensearch  2006 Mar 23 16:06 gc.log.00
-rw-r--r--. 1 opensearch opensearch 40129 Mar 23 16:06 gc.log.01
-rw-r--r--. 1 opensearch opensearch  2006 Mar 23 16:08 gc.log.02
-rw-r--r--. 1 opensearch opensearch 37715 Mar 23 16:08 gc.log.03
-rw-r--r--. 1 opensearch opensearch  2006 Mar 23 16:10 gc.log.04
-rw-r--r--. 1 opensearch opensearch 42955 Mar 23 16:11 gc.log.05
-rw-r--r--. 1 opensearch opensearch  1982 Mar 24  2023 gc.log.06
-rw-r--r--. 1 opensearch opensearch  1691 Mar 23 16:05 install_demo_configuration.log
-rw-r--r--. 1 opensearch opensearch 18325 Mar 24  2023 opensearch-2023-03-23-1.json.gz
-rw-r--r--. 1 opensearch opensearch 12521 Mar 24  2023 opensearch-2023-03-23-1.log.gz
-rw-r-----. 1 opensearch opensearch  1476 Mar 24  2023 opensearch_deprecation.json
-rw-r-----. 1 opensearch opensearch  1008 Mar 24  2023 opensearch_deprecation.log
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_index_indexing_slowlog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_index_indexing_slowlog.log
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_index_search_slowlog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_index_search_slowlog.log
-rw-r--r--. 1 opensearch opensearch 30618 Mar 23 16:11 opensearch.log
-rw-r--r--. 1 opensearch opensearch 58058 Mar 23 16:11 opensearch_server.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_task_detailslog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:06 opensearch_task_detailslog.log
[root@centos7 vagrant]# journalctl -r -u opensearch.service | grep ERROR
Mar 24 17:11:06 centos7 systemd-entrypoint[365]: 2023-03-24 17:11:06,206 main ERROR Could not define attribute view on path "/var/log/opensearch/opensearch.log" got access denied ("java.lang.RuntimePermission" "accessUserInformation") java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessUserInformation")
Mar 24 17:11:06 centos7 systemd-entrypoint[365]: 2023-03-24 17:11:06,191 main ERROR Could not define attribute view on path "/var/log/opensearch/opensearch_server.json" got access denied ("java.lang.RuntimePermission" "accessUserInformation") java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessUserInformation")
[root@centos7 vagrant]# /usr/share/opensearch/bin/opensearch -V
WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/opensearch/lib/opensearch-2.4.1.jar)
WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
WARNING: System::setSecurityManager will be removed in a future release
Version: 2.4.1, Build: rpm/f2f809ea280ffba217451da894a5899f1cec02ab/2022-12-12T22:17:31.255181151Z, JVM: 17.0.5
OpenSearch 2.6.0
  • OpenSearch 2.6.0 install and enable service 
    [root@centos7 vagrant]# yum localinstall opensearch-2.6.0-linux-x64.rpm -y
Loaded plugins: fastestmirror
Examining opensearch-2.6.0-linux-x64.rpm: opensearch-2.6.0-1.x86_64
Marking opensearch-2.6.0-linux-x64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package opensearch.x86_64 0:2.6.0-1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================================================================================================================================================================
Package                                                        Arch                                                       Version                                                       Repository                                                                       Size
===============================================================================================================================================================================================================================================================================
Installing:
opensearch                                                     x86_64                                                     2.6.0-1                                                       /opensearch-2.6.0-linux-x64                                                     931 M

Transaction Summary
===============================================================================================================================================================================================================================================================================
Install  1 Package

Total size: 931 M
Installed size: 931 M
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : opensearch-2.6.0-1.x86_64 [########################                                                                                                                                                                                                       ] 1  Installing : opensearch-2.6.0-1.x86_64 [##########################                                                                                                                                                                                                     ] 1  Installing : opensearch-2.6.0-1.x86_64 [############################                                                                                                                                                                                                   ] 1  Installing : opensearch-2.6.0-1.x86_64                                                                                          1/1 
### NOT starting on installation, please execute the following statements to configure opensearch service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable opensearch.service
### You can start opensearch service by executing
sudo systemctl start opensearch.service
### Create opensearch demo certificates in /etc/opensearch/
See demo certs creation log in /var/log/opensearch/install_demo_configuration.log
  Verifying  : opensearch-2.6.0-1.x86_64                                                                                          1/1 

Installed:
  opensearch.x86_64 0:2.6.0-1                                                                                                         

Complete!
[root@centos7 vagrant]# systemctl enable opensearch
Created symlink from /etc/systemd/system/multi-user.target.wants/opensearch.service to /usr/lib/systemd/system/opensearch.service.
[root@centos7 vagrant]# systemctl status opensearch
● opensearch.service - OpenSearch
  Loaded: loaded (/usr/lib/systemd/system/opensearch.service; enabled; vendor preset: disabled)
  Active: inactive (dead)
    Docs: https://opensearch.org/
  • Service start and files permissions 
    [root@centos7 vagrant]# ls -l /var/log/opensearch/
total 4
-rw-r--r--. 1 opensearch opensearch 1691 Mar 23 16:45 install_demo_configuration.log
[root@centos7 vagrant]# systemctl start opensearch
[root@centos7 vagrant]# ls -l /var/log/opensearch/
total 288
-rw-r--r--. 1 opensearch opensearch 39466 Mar 23 16:46 gc.log
-rw-r--r--. 1 opensearch opensearch  2007 Mar 23 16:46 gc.log.00
-rw-r--r--. 1 opensearch opensearch  1691 Mar 23 16:45 install_demo_configuration.log
-rw-r-----. 1 opensearch opensearch   832 Mar 23 16:46 opensearch_deprecation.json
-rw-r-----. 1 opensearch opensearch   511 Mar 23 16:46 opensearch_deprecation.log
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:46 opensearch_index_indexing_slowlog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:46 opensearch_index_indexing_slowlog.log
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:46 opensearch_index_search_slowlog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:46 opensearch_index_search_slowlog.log
-rw-r-----. 1 opensearch opensearch 38029 Mar 23 16:46 opensearch.log
-rw-r-----. 1 opensearch opensearch 75482 Mar 23 16:46 opensearch_server.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:46 opensearch_task_detailslog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:46 opensearch_task_detailslog.log
[root@centos7 vagrant]# shutdown now
Connection to 127.0.0.1 closed by remote host.
  • Service enabled before system reboot with date change 
    [vagrant@centos7 ~]$ sudo su
[root@centos7 vagrant]# ls -l /var/log/opensearch/
total 360
-rw-r--r--. 1 opensearch opensearch 44912 Mar 23 16:49 gc.log
-rw-r--r--. 1 opensearch opensearch  2007 Mar 23 16:46 gc.log.00
-rw-r--r--. 1 opensearch opensearch 42816 Mar 23 16:47 gc.log.01
-rw-r--r--. 1 opensearch opensearch  1983 Mar 23 16:47 gc.log.02
-rw-r--r--. 1 opensearch opensearch 42019 Mar 23 16:48 gc.log.03
-rw-r--r--. 1 opensearch opensearch  1983 Mar 24  2023 gc.log.04
-rw-r--r--. 1 opensearch opensearch  1691 Mar 23 16:45 install_demo_configuration.log
-rw-r--r--. 1 opensearch opensearch 13616 Mar 24  2023 opensearch-2023-03-23-1.json.gz
-rw-r--r--. 1 opensearch opensearch 12522 Mar 24  2023 opensearch-2023-03-23-1.log.gz
-rw-r-----. 1 opensearch opensearch  1570 Mar 24  2023 opensearch_deprecation.json
-rw-r-----. 1 opensearch opensearch  1015 Mar 24  2023 opensearch_deprecation.log
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:46 opensearch_index_indexing_slowlog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:46 opensearch_index_indexing_slowlog.log
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:46 opensearch_index_search_slowlog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:46 opensearch_index_search_slowlog.log
-rw-r--r--. 1 opensearch opensearch 43079 Mar 23 16:48 opensearch.log
-rw-r--r--. 1 opensearch opensearch 73723 Mar 23 16:48 opensearch_server.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:46 opensearch_task_detailslog.json
-rw-r-----. 1 opensearch opensearch     0 Mar 23 16:46 opensearch_task_detailslog.log
[root@centos7 vagrant]# /usr/share/opensearch/bin/opensearch -V
WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/opensearch/lib/opensearch-2.6.0.jar)
WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
WARNING: System::setSecurityManager will be removed in a future release
Version: 2.6.0, Build: rpm/7203a5af21a8a009aece1474446b437a3c674db6/2023-02-24T18:57:09.290618503Z, JVM: 17.0.6
@vikman90 vikman90 added type/bug Bug issue and removed type: bug labels Jun 14, 2023
@vcerenu vcerenu mentioned this issue Aug 16, 2023
Closed
2 tasks
@damarisg damarisg mentioned this issue Aug 16, 2023
Closed
@wazuhci wazuhci moved this to Triage in Release 4.5.1 Aug 16, 2023
@AlexRuiz7
Copy link
Member

Log4j handles the rotation of logs. The files are created using the permission inherited by the user running the process. In this case, systemd. The permissions are calculated using the umask.

The unit file /usr/lib/systemd/system/wazuh-indexer.service has to use umask=0027 in order to create the files with 640 permissions.

Mask Files (requested permissions 666)
027 640 (rw-r-----)

A brief testing has proven that the umask directive makes log4j use the correct permissions to create the log files, solving the error without further changes. We should include this in our systemd unit file to solve the issue.

@c-bordon
Copy link
Member

Update report

I did some tests with the proposed change here in the file:

/usr/lib/systemd/system/wazuh-indexer.service

[Unit]
Description=Wazuh-indexer
Documentation=https://documentation.wazuh.com
Wants=network-online.target
After=network-online.target

[Service]
Type=notify
RuntimeDirectory=wazuh-indexer
PrivateTmp=yes
Environment=OPENSEARCH_HOME=/usr/share/wazuh-indexer
Environment=OPENSEARCH_PATH_CONF=/etc/wazuh-indexer
Environment=PID_DIR=/run/wazuh-indexer
Environment=OPENSEARCH_SD_NOTIFY=true
EnvironmentFile=-/etc/sysconfig/wazuh-indexer

WorkingDirectory=/usr/share/wazuh-indexer

User=wazuh-indexer
Group=wazuh-indexer
UMask=0027

...

I built a package with this change and performed the tests as indicated in the issue header and I was able to validate that the permissions were not modified after rotating the logs, they remained at 0640

[root@centos7-1 ~]# ls -la /var/log/wazuh-indexer/
total 236
drwxr-x---.  2 wazuh-indexer wazuh-indexer  4096 Aug 18 11:26 .
drwxr-xr-x. 11 root          root           4096 Aug 18 11:29 ..
-rw-r-----.  1 wazuh-indexer wazuh-indexer 45922 Aug 18 11:32 gc.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer  2012 Aug 18 11:26 gc.log.00
-rw-r-----.  1 wazuh-indexer wazuh-indexer  2358 Aug 18 11:31 wazuh-cluster_deprecation.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer  1374 Aug 18 11:31 wazuh-cluster_deprecation.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer     0 Aug 18 11:26 wazuh-cluster_index_indexing_slowlog.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer     0 Aug 18 11:26 wazuh-cluster_index_indexing_slowlog.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer     0 Aug 18 11:26 wazuh-cluster_index_search_slowlog.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer     0 Aug 18 11:26 wazuh-cluster_index_search_slowlog.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer 40036 Aug 18 11:31 wazuh-cluster.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer 85085 Aug 18 11:31 wazuh-cluster_server.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer     0 Aug 18 11:26 wazuh-cluster_task_detailslog.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer     0 Aug 18 11:26 wazuh-cluster_task_detailslog.log
[root@centos7-1 ~]# date
Fri Aug 18 11:34:16 UTC 2023

[root@centos7-1 ~]# poweroff
Connection to 127.0.0.1 closed by remote host.
cbordon@cbordon-MS-7C88:~/Documents/wazuh/local-test/vagrant-tests/centos/7$ vagrant up && vagrant ssh
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Checking if box 'centos/7' version '2004.01' is up to date...
==> default: Clearing any previously set forwarded ports...
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
    default: Adapter 1: nat
    default: Adapter 2: hostonly
==> default: Forwarding ports...
    default: 22 (guest) => 2222 (host) (adapter 1)
==> default: Running 'pre-boot' VM customizations...
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
    default: SSH address: 127.0.0.1:2222
    default: SSH username: vagrant
    default: SSH auth method: private key
==> default: Machine booted and ready!
==> default: Checking for guest additions in VM...
    default: No guest additions were detected on the base box for this VM! Guest
    default: additions are required for forwarded ports, shared folders, host only
    default: networking, and more. If SSH fails on this machine, please install
    default: the guest additions and repackage the box to continue.
    default: 
    default: This is not an error message; everything may continue to work properly,
    default: in which case you may ignore this message.
==> default: Setting hostname...
==> default: Configuring and enabling network interfaces...
==> default: Rsyncing folder: /home/cbordon/Documents/wazuh/local-test/vagrant-tests/centos/7/ => /vagrant
==> default: Machine already provisioned. Run `vagrant provision` or use the `--provision`
==> default: flag to force provisioning. Provisioners marked to run always will still run.
Last login: Fri Aug 18 11:05:30 2023 from 10.0.2.2
[vagrant@centos7-1 ~]$ sudo su -
Last login: Fri Aug 18 11:22:39 UTC 2023 on pts/0
[root@centos7-1 ~]# ls -la /var/log/wazuh-indexer/
total 432
drwxr-x---.  2 wazuh-indexer wazuh-indexer   4096 Aug 18 11:34 .
drwxr-xr-x. 11 root          root            4096 Aug 18 11:34 ..
-rw-r-----.  1 wazuh-indexer wazuh-indexer  30174 Aug 18 11:35 gc.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer   2012 Aug 18 11:26 gc.log.00
-rw-r-----.  1 wazuh-indexer wazuh-indexer  53312 Aug 18 11:34 gc.log.01
-rw-r-----.  1 wazuh-indexer wazuh-indexer   2012 Aug 18 11:34 gc.log.02
-rw-r-----.  1 wazuh-indexer wazuh-indexer   3803 Aug 18 11:34 wazuh-cluster_deprecation.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer   2249 Aug 18 11:34 wazuh-cluster_deprecation.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer      0 Aug 18 11:26 wazuh-cluster_index_indexing_slowlog.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer      0 Aug 18 11:26 wazuh-cluster_index_indexing_slowlog.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer      0 Aug 18 11:26 wazuh-cluster_index_search_slowlog.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer      0 Aug 18 11:26 wazuh-cluster_index_search_slowlog.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer  66481 Aug 18 11:35 wazuh-cluster.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer 135747 Aug 18 11:35 wazuh-cluster_server.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer      0 Aug 18 11:26 wazuh-cluster_task_detailslog.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer      0 Aug 18 11:26 wazuh-cluster_task_detailslog.log
[root@centos7-1 ~]# date
Fri Aug 18 11:35:05 UTC 2023
[root@centos7-1 ~]# poweroff
cbordon@cbordon-MS-7C88:~/Documents/wazuh/local-test/vagrant-tests/centos/7$ date
sáb 19 ago 2023 08:37:26 -03
Last login: Fri Aug 18 11:35:01 UTC 2023 on pts/0
[root@centos7-1 ~]# ls -la /var/log/wazuh-indexer/
total 276
drwxr-x---.  2 wazuh-indexer wazuh-indexer  4096 Aug 19  2023 .
drwxr-xr-x. 11 root          root           4096 Aug 19  2023 ..
-rw-r-----.  1 wazuh-indexer wazuh-indexer 30336 Aug 18 11:38 gc.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer  2012 Aug 18 11:26 gc.log.00
-rw-r-----.  1 wazuh-indexer wazuh-indexer 53312 Aug 18 11:34 gc.log.01
-rw-r-----.  1 wazuh-indexer wazuh-indexer  2012 Aug 18 11:34 gc.log.02
-rw-r-----.  1 wazuh-indexer wazuh-indexer 31769 Aug 18 11:35 gc.log.03
-rw-r-----.  1 wazuh-indexer wazuh-indexer  2012 Aug 19  2023 gc.log.04
-rw-r-----.  1 wazuh-indexer wazuh-indexer 15078 Aug 19  2023 wazuh-cluster-2023-08-18-1.json.gz
-rw-r-----.  1 wazuh-indexer wazuh-indexer 13656 Aug 19  2023 wazuh-cluster-2023-08-18-1.log.gz
-rw-r-----.  1 wazuh-indexer wazuh-indexer  5248 Aug 18 11:38 wazuh-cluster_deprecation.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer  3124 Aug 18 11:38 wazuh-cluster_deprecation.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer     0 Aug 18 11:26 wazuh-cluster_index_indexing_slowlog.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer     0 Aug 18 11:26 wazuh-cluster_index_indexing_slowlog.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer     0 Aug 18 11:26 wazuh-cluster_index_search_slowlog.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer     0 Aug 18 11:26 wazuh-cluster_index_search_slowlog.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer 29515 Aug 18 11:38 wazuh-cluster.log
-rw-r-----.  1 wazuh-indexer wazuh-indexer 58354 Aug 18 11:38 wazuh-cluster_server.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer     0 Aug 18 11:26 wazuh-cluster_task_detailslog.json
-rw-r-----.  1 wazuh-indexer wazuh-indexer     0 Aug 18 11:26 wazuh-cluster_task_detailslog.log
[root@centos7-1 ~]# date
Fri Aug 18 11:38:17 UTC 2023

@gdiazlo gdiazlo added the level/task Subtask issue label Aug 21, 2023
@wazuhci wazuhci moved this to Backlog in Release 4.5.2 Aug 21, 2023
@wazuhci wazuhci moved this from Backlog to In progress in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from In progress to Backlog in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from Backlog to In progress in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from In progress to Backlog in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from Backlog to In progress in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from In progress to Backlog in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from Backlog to In progress in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from In progress to Backlog in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from Backlog to In progress in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from In progress to Backlog in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from Backlog to In progress in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from In progress to Backlog in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from Backlog to In progress in Release 4.5.2 Aug 22, 2023
@wazuhci wazuhci moved this from In progress to Backlog in Release 4.5.2 Aug 22, 2023
@davidjiglesias davidjiglesias mentioned this issue Dec 11, 2023
Closed
2 tasks
@rauldpm rauldpm mentioned this issue Dec 13, 2023
Closed
@vcerenu vcerenu mentioned this issue Dec 28, 2023
Closed
8 tasks
@AlexRuiz7 AlexRuiz7 removed their assignment Jan 8, 2024
@davidjiglesias davidjiglesias mentioned this issue Jan 11, 2024
Closed
2 tasks
@AlexRuiz7 AlexRuiz7 mentioned this issue Jan 29, 2024
Closed
2 tasks
@davidjiglesias davidjiglesias mentioned this issue Feb 6, 2024
Closed
2 tasks
@AlexRuiz7
Copy link
Member

AlexRuiz7 commented Feb 19, 2024
edited
Loading

OpenSearch's team replies they are unable to reproduce the problem. We provided more information and are waiting for a response.

opensearch-project/OpenSearch#9609 (comment)

@davidjiglesias davidjiglesias mentioned this issue Feb 26, 2024
Closed
2 tasks
@davidjiglesias davidjiglesias mentioned this issue Mar 12, 2024
Closed
2 tasks
@davidjiglesias davidjiglesias mentioned this issue Apr 8, 2024
Closed
2 tasks
@AlexRuiz7 AlexRuiz7 mentioned this issue Apr 10, 2024
Closed
2 tasks
@AlexRuiz7
Copy link
Member

AlexRuiz7 commented Apr 11, 2024
edited
Loading

I applied the fix proposed in https://forum.opensearch.org/t/systemd-entrypoint-defaultdispatcher-worker-error-could-not-define-attribute-view-on-path-var-log-opensearch-opensearch-server-json/15514/3, and the errors are not showing anymore. The wazuh-indexer service is up and running fine.

The fix consists on adding the code below to /etc/wazuh-indexer/opensearch-performance-analyzer/opensearch_security.policy.

grant {
  permission java.lang.RuntimePermission "accessUserInformation";
};

[root@rhel7 vagrant]# journalctl --no-pager  -xeu wazuh-indexer
-- Logs begin at Thu 2024-04-11 11:00:16 UTC, end at Thu 2024-04-11 11:01:01 UTC. --
Apr 11 11:00:25 rhel7.localdomain systemd[1]: Starting Wazuh-indexer...
-- Subject: Unit wazuh-indexer.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit wazuh-indexer.service has begun starting up.
Apr 11 11:00:27 rhel7.localdomain systemd-entrypoint[1015]: WARNING: A terminally deprecated method in java.lang.System has been called
Apr 11 11:00:27 rhel7.localdomain systemd-entrypoint[1015]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/wazuh-indexer/lib/opensearch-2.10.0.jar)
Apr 11 11:00:27 rhel7.localdomain systemd-entrypoint[1015]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
Apr 11 11:00:27 rhel7.localdomain systemd-entrypoint[1015]: WARNING: System::setSecurityManager will be removed in a future release
Apr 11 11:00:28 rhel7.localdomain systemd-entrypoint[1015]: WARNING: A terminally deprecated method in java.lang.System has been called
Apr 11 11:00:28 rhel7.localdomain systemd-entrypoint[1015]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/share/wazuh-indexer/lib/opensearch-2.10.0.jar)
Apr 11 11:00:28 rhel7.localdomain systemd-entrypoint[1015]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
Apr 11 11:00:28 rhel7.localdomain systemd-entrypoint[1015]: WARNING: System::setSecurityManager will be removed in a future release
Apr 11 11:00:36 rhel7.localdomain systemd[1]: Started Wazuh-indexer.
-- Subject: Unit wazuh-indexer.service has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit wazuh-indexer.service has finished starting up.
-- 
-- The start-up result is done.

We'll keep revisiting this until we are completely sure that the error doesn't happen again.

@AlexRuiz7
Copy link
Member

Update 2024.04.12

Error didn't happen again.

Last login: Thu Apr 11 11:00:51 2024 from 192.168.121.1
[vagrant@rhel7 ~]$ sudo su
[root@rhel7 vagrant]# systemctl status wazuh-indexer
● wazuh-indexer.service - Wazuh-indexer
   Loaded: loaded (/usr/lib/systemd/system/wazuh-indexer.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2024-04-12 10:47:49 UTC; 2min 48s ago
     Docs: https://documentation.wazuh.com
 Main PID: 1020 (java)
   CGroup: /system.slice/wazuh-indexer.service
           └─1020 /usr/share/wazuh-indexer/jdk/bin/java -Xshare:auto -Dopensearch.networkaddress.cache.ttl=60 -Dopensearch.networkaddress.cache.negative.ttl=10 -XX:+Al...

Apr 12 10:47:38 rhel7.localdomain systemd[1]: Starting Wazuh-indexer...
Apr 12 10:47:40 rhel7.localdomain systemd-entrypoint[1020]: WARNING: A terminally deprecated method in java.lang.System has been called
Apr 12 10:47:40 rhel7.localdomain systemd-entrypoint[1020]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/u...0.0.jar)
Apr 12 10:47:40 rhel7.localdomain systemd-entrypoint[1020]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
Apr 12 10:47:40 rhel7.localdomain systemd-entrypoint[1020]: WARNING: System::setSecurityManager will be removed in a future release
Apr 12 10:47:41 rhel7.localdomain systemd-entrypoint[1020]: WARNING: A terminally deprecated method in java.lang.System has been called
Apr 12 10:47:41 rhel7.localdomain systemd-entrypoint[1020]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr...0.0.jar)
Apr 12 10:47:41 rhel7.localdomain systemd-entrypoint[1020]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
Apr 12 10:47:41 rhel7.localdomain systemd-entrypoint[1020]: WARNING: System::setSecurityManager will be removed in a future release
Apr 12 10:47:49 rhel7.localdomain systemd[1]: Started Wazuh-indexer.
Hint: Some lines were ellipsized, use -l to show in full.

@AlexRuiz7
Copy link
Member

Update 2024.04.15

No errors.

[root@rhel7 vagrant]# systemctl status wazuh-indexer
● wazuh-indexer.service - Wazuh-indexer
   Loaded: loaded (/usr/lib/systemd/system/wazuh-indexer.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2024-04-15 10:21:49 UTC; 17s ago
     Docs: https://documentation.wazuh.com
 Main PID: 1014 (java)
   CGroup: /system.slice/wazuh-indexer.service
           └─1014 /usr/share/wazuh-indexer/jdk/bin/java -Xshare:auto -Dopensearch.networkaddress.cache.ttl=60 -Dopensearch.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -...

Apr 15 10:21:38 rhel7.localdomain systemd[1]: Starting Wazuh-indexer...
Apr 15 10:21:39 rhel7.localdomain systemd-entrypoint[1014]: WARNING: A terminally deprecated method in java.lang.System has been called
Apr 15 10:21:39 rhel7.localdomain systemd-entrypoint[1014]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/wazuh-ind...2.10.0.jar)
Apr 15 10:21:39 rhel7.localdomain systemd-entrypoint[1014]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
Apr 15 10:21:39 rhel7.localdomain systemd-entrypoint[1014]: WARNING: System::setSecurityManager will be removed in a future release
Apr 15 10:21:40 rhel7.localdomain systemd-entrypoint[1014]: WARNING: A terminally deprecated method in java.lang.System has been called
Apr 15 10:21:40 rhel7.localdomain systemd-entrypoint[1014]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/share/wazuh-index...2.10.0.jar)
Apr 15 10:21:40 rhel7.localdomain systemd-entrypoint[1014]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
Apr 15 10:21:40 rhel7.localdomain systemd-entrypoint[1014]: WARNING: System::setSecurityManager will be removed in a future release
Apr 15 10:21:49 rhel7.localdomain systemd[1]: Started Wazuh-indexer.

@AlexRuiz7 AlexRuiz7 mentioned this issue Apr 15, 2024
Closed
@AlexRuiz7 AlexRuiz7 self-assigned this Apr 15, 2024
@AlexRuiz7
Copy link
Member

Closed in favor of wazuh/wazuh-indexer#205.

@davidjiglesias davidjiglesias mentioned this issue Apr 22, 2024
Closed
2 tasks
@wazuhci wazuhci moved this to Done in Release 4.9.0 Apr 29, 2024
@davidjiglesias davidjiglesias mentioned this issue May 3, 2024
Closed
2 tasks
@davidjiglesias davidjiglesias mentioned this issue May 14, 2024
Closed
2 tasks
@damarisg damarisg mentioned this issue May 23, 2024
Closed
2 tasks
@davidjiglesias davidjiglesias mentioned this issue May 28, 2024
Closed
2 tasks
@davidjiglesias davidjiglesias mentioned this issue Jun 6, 2024
Closed
2 tasks
@juliamagan juliamagan mentioned this issue Jun 20, 2024
Closed
2 tasks
@juliamagan juliamagan mentioned this issue Jul 8, 2024
Closed
2 tasks
@davidjiglesias davidjiglesias mentioned this issue Jul 22, 2024
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AlexRuiz7 AlexRuiz7

Labels
component: indexer level/task Subtask issue qa_known Issues that are already known by the QA team to-be-solved-in-fork type/bug Bug issue
Projects
No open projects
Release 4.9.0
Status: Done
Milestone
No milestone
7 participants
@gdiazlo @vikman90 @rauldpm @AlexRuiz7 @teddytpc1 @davidjiglesias @c-bordon