Open frantz45 opened 1 year ago
smortex
commented
1 year ago :+1:
Some settings are imported on the first run (e.g. internal_users.yml), but when the files are changed later the module currently does not ingest the new config.
Contributions are welcome!
roock
commented
7 months ago Also related: changes to the files of the security plugin trigger a service restart (if restart_on_config_change is true), which is useless, as the new config will not be loaded.
additoinaly it should be noted that securityadmin.sh is deprecated and will be replaced in the next major version (see below output from the script.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
To apply opensearch-security settings (I think it updates the .opendistro_security index) you need to execute the script securityadmin.sh. Otherwise all settings won't be effective and you will find many related errors logs (failure no such index .opendistro_security, not yed initialized). The script is located (on RedHat) in /usr/share/opensearch/plugins/opensearch-security/tools. The complete command line is: securityadmin.sh -cert -key -cacert -h -p -cn -cd