securityadmin.sh should set to executable

[jeff-cook]

All shell scripts in the plugins/opendistro_security/tools directory should be set to executable.

[alolita]

@jeff-cook Thanks for reporting! We'll take a look.

[ralph089]

Unfortuantely I cannot update securityindex as long as this issue isn't fixed, since I'm running that image in OpenShift and I can't change the permissions with a non-root user.

[Reamer]

Have the same issue, when running on Openshift. Have the following hack in my Dockerfile.

diff --git a/opendistro/elasticsearch/Dockerfile b/opendistro/elasticsearch/Dockerfile
index cf6101c..7d0b407 100644
--- a/opendistro/elasticsearch/Dockerfile
+++ b/opendistro/elasticsearch/Dockerfile
@@ -79,6 +79,12 @@ RUN for plugin_path in opendistro-sql/opendistro_sql-1.0.0.0.zip opendistro-aler
 # Make the certificate installer script executable. This script has to be executed before ES is started.
 RUN chmod +x /usr/share/elasticsearch/plugins/opendistro_security/tools/install_demo_configuration.sh

+# Remove chmod line in install_demo_configuration.sh script and make this in Dockerfile
+# root is needed for execute "chmod"
+# GitHub-Issue: https://github.com/opendistro-for-elasticsearch/opendistro-build/issues/3
+RUN sed -i '/$SUDO_CMD chmod +x "$ES_PLUGINS_DIR\/opendistro_security\/tools\/securityadmin.sh"/d' /usr/share/elasticsearch/plugins/opendistro_security/tools/install_demo_configuration.sh && \
+    chmod +x /usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh
+
 COPY --chown=1000:0 elasticsearch.yml log4j2.properties config/

 USER 0

I can't not provide a PR, because I haven't an overview of all installation methods. I think, the best way to fix this issues, is to remove all chmod commands in Dockerfile and Start-Skripts. ".sh"-Files should be marked as executable after download.

[rtsisyk]

I have the same problem on OpenShift 4.x:

OpenDistro for Elasticsearch Security Demo Installer
 ** Warning: Do not use on production or public reachable systems **
Basedir: /usr/share/elasticsearch
Elasticsearch install type: rpm/deb on CentOS Linux release 7.8.2003 (Core)
Elasticsearch config dir: /usr/share/elasticsearch/config
Elasticsearch config file: /usr/share/elasticsearch/config/elasticsearch.yml
Elasticsearch bin dir: /usr/share/elasticsearch/bin
Elasticsearch plugins dir: /usr/share/elasticsearch/plugins
Elasticsearch lib dir: /usr/share/elasticsearch/lib
Detected Elasticsearch Version: x-content-7.6.1
Detected Open Distro Security Version: 1.7.0.0

chmod: changing permissions of '/usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh': Operation not permitted

[fbartnitzek]

Any progress on this issue for openshift-users? Mounting docker-entrypoint.sh, install_demo_configuration.sh and securityadmin.sh explicitly via helm-configmaps with an executable fileMode and commented out chmod isn't perfect either...

[swapwalivkar]

Any update on this issue. I am getting same error while trying to deploy elk on openshift container platform

[ckvtvm-arch]

I am also facing the same issue in OCP 4.6

[jheidecker]

Chiming in on this issue. OKD 4.7

[davidlago]

We are doing some "spring cleaning in the fall", and to make sure we focus our energies on the right issues and we get a better picture of the state of the repo, we are closing all issues that we are carrying over from the ODFE era (ODFE is no longer supported/maintained, see post here).

If you believe this issue should still be considered for current versions of OpenSearch, apologies! Please let us know by re-opening it.

Thanks!