Open AlexRuiz7 opened 1 year ago
What user are you using for the log rotation @AlexRuiz7 ? Does the user in the group of opensearch?
Hello @peterzhuamazon
Thanks for the reply.
opensearch:opensearch
I assume. I haven't really specified any user or group, so I assume the user and group created by OpenSearch are in use.
I am not able to reproduce this on my side tho.
@AlexRuiz7 could you detailed your steps and commands you used? As well as the permission and ownership of /var/log/opensearch (this particular folder)
Thanks.
Thanks for the reply!
I installed OpenSearch on a Vagrant box and that's it.
I think I removed the environment sometime ago, so I'll try to reproduce it and get back with more details.
I got the same issue. There is a solution from the forum. It works for me.
It's working. Thanks @Mudboyzh
I installed OpenSearch on a Vagrant box and that's it.
I see the same issue with the deb packages on Debian bookworm with OpenSearch version 2.15.0.
Describe the bug
This error shows up when the rotation of logs is performed:
We've been able to replicate this problem is several operative systems and OpenSearch versions (present in latest version 2.9.0)
To Reproduce Steps to reproduce the behavior:
journalctl
Expected behavior No errors
Plugins All plugins enabled by default.
Screenshots If applicable, add screenshots to help explain your problem.
Host/Environment (please complete the following information):
Additional context Extended logs
Details
```java Aug 28 12:00:46 ubuntu2204.localdomain systemd[1]: Started OpenSearch. ββ Subject: A start job for unit opensearch.service has finished successfully ββ Defined-By: systemd ββ Support: http://www.ubuntu.com/support ββ ββ A start job for unit opensearch.service has finished successfully. ββ ββ The job identifier is 120. Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: 2023-08-29 14:22:59,217 opensearch[ubuntu2204.localdomain][scheduler][T#1] ERROR Could not define attribute view on path "/var/log/opensearch/opensearch_server.json" got access denied ("java.lang.RuntimePermission" "accessUserInformation") java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessUserInformation") Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:485) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.security.AccessController.checkPermission(AccessController.java:1068) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:416) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.checkWriteExtended(UnixFileAttributeViews.java:195) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.setMode(UnixFileAttributeViews.java:264) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.setPermissions(UnixFileAttributeViews.java:299) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.util.FileUtils.defineFilePosixAttributeView(FileUtils.java:177) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.appender.FileManager.defineAttributeView(FileManager.java:215) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.appender.FileManager.createOutputStream(FileManager.java:202) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.createFileAfterRollover(RollingFileManager.java:419) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.rollover(RollingFileManager.java:396) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.checkRollover(RollingFileManager.java:308) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.appender.RollingFileAppender.append(RollingFileAppender.java:311) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.AppenderControl.tryCallAppender(AppenderControl.java:161) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.AppenderControl.callAppender0(AppenderControl.java:134) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.AppenderControl.callAppenderPreventRecursion(AppenderControl.java:125) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.AppenderControl.callAppender(AppenderControl.java:89) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.LoggerConfig.callAppenders(LoggerConfig.java:542) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.LoggerConfig.processLogEvent(LoggerConfig.java:500) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.LoggerConfig.log(LoggerConfig.java:483) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.LoggerConfig.log(LoggerConfig.java:417) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.AwaitCompletionReliabilityStrategy.log(AwaitCompletionReliabilityStrategy.java:82) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.Logger.log(Logger.java:161) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.spi.AbstractLogger.tryLogMessage(AbstractLogger.java:2205) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.spi.AbstractLogger.logMessageTrackRecursion(AbstractLogger.java:2159) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.spi.AbstractLogger.logMessageSafely(AbstractLogger.java:2142) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.spi.AbstractLogger.logMessage(AbstractLogger.java:2017) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.spi.AbstractLogger.logIfEnabled(AbstractLogger.java:1983) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.spi.AbstractLogger.info(AbstractLogger.java:1320) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.opensearch.jobscheduler.sweeper.JobSweeper.lambda$initBackgroundSweep$10(JobSweeper.java:294) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.opensearch.threadpool.Scheduler$ReschedulingRunnable.doRun(Scheduler.java:239) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.opensearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:806) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.opensearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:52) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.lang.Thread.run(Thread.java:833) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: 2023-08-29 14:22:59,222 opensearch[ubuntu2204.localdomain][scheduler][T#1] ERROR Could not define attribute view on path "/var/log/opensearch/opensearch.log" got access denied ("java.lang.RuntimePermission" "accessUserInformation") java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessUserInformation") Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:485) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.security.AccessController.checkPermission(AccessController.java:1068) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:416) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.checkWriteExtended(UnixFileAttributeViews.java:195) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.setMode(UnixFileAttributeViews.java:264) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/sun.nio.fs.UnixFileAttributeViews$Posix.setPermissions(UnixFileAttributeViews.java:299) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.util.FileUtils.defineFilePosixAttributeView(FileUtils.java:177) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.appender.FileManager.defineAttributeView(FileManager.java:215) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.appender.FileManager.createOutputStream(FileManager.java:202) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.createFileAfterRollover(RollingFileManager.java:419) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.rollover(RollingFileManager.java:396) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.appender.rolling.RollingFileManager.checkRollover(RollingFileManager.java:308) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.appender.RollingFileAppender.append(RollingFileAppender.java:311) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.AppenderControl.tryCallAppender(AppenderControl.java:161) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.AppenderControl.callAppender0(AppenderControl.java:134) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.AppenderControl.callAppenderPreventRecursion(AppenderControl.java:125) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.AppenderControl.callAppender(AppenderControl.java:89) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.LoggerConfig.callAppenders(LoggerConfig.java:542) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.LoggerConfig.processLogEvent(LoggerConfig.java:500) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.LoggerConfig.log(LoggerConfig.java:483) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.LoggerConfig.log(LoggerConfig.java:417) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.config.AwaitCompletionReliabilityStrategy.log(AwaitCompletionReliabilityStrategy.java:82) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.core.Logger.log(Logger.java:161) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.spi.AbstractLogger.tryLogMessage(AbstractLogger.java:2205) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.spi.AbstractLogger.logMessageTrackRecursion(AbstractLogger.java:2159) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.spi.AbstractLogger.logMessageSafely(AbstractLogger.java:2142) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.spi.AbstractLogger.logMessage(AbstractLogger.java:2017) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.spi.AbstractLogger.logIfEnabled(AbstractLogger.java:1983) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.apache.logging.log4j.spi.AbstractLogger.info(AbstractLogger.java:1320) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.opensearch.jobscheduler.sweeper.JobSweeper.lambda$initBackgroundSweep$10(JobSweeper.java:294) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.opensearch.threadpool.Scheduler$ReschedulingRunnable.doRun(Scheduler.java:239) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.opensearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:806) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at org.opensearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:52) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) Aug 29 14:22:59 ubuntu2204.localdomain systemd-entrypoint[661]: at java.base/java.lang.Thread.run(Thread.java:833) ```
File permissions before the rotation:
File permissions after the rotation: