(from github.com/Artjom-Grigorjew)
Hello dear developers,
i have troubleshooting bringing up the elasticsearch cluster in combination with the codelibs/elasticsearch-configsync.
I am using elasticsearch Version 6.1.1 and elasticsearch-configsync version 6.1.1.
I get the following error message:
[2018-02-08T18:04:46,909][ERROR][o.c.e.c.s.ConfigSyncService] [******] Failed to start ConfigFileUpdater.
org.elasticsearch.ElasticsearchSecurityException: action [indices:admin/exists] is unauthorized for user [_system]
at org.elasticsearch.xpack.security.support.Exceptions.authorizationError(Exceptions.java:42) ~[?:?]
at org.elasticsearch.xpack.security.authz.AuthorizationService.denialException(AuthorizationService.java:589) ~[?:?]
at org.elasticsearch.xpack.security.authz.AuthorizationService.denial(AuthorizationService.java:560) ~[?:?]
at org.elasticsearch.xpack.security.authz.AuthorizationService.authorize(AuthorizationService.java:168) ~[?:?]
at org.elasticsearch.xpack.security.action.filter.SecurityActionFilter.lambda$authorizeRequest$4(SecurityActionFilter.java:176) ~[?:?]
at org.elasticsearch.xpack.security.authz.AuthorizationUtils$AsyncAuthorizer.maybeRun(AuthorizationUtils.java:182) ~[?:?]
at org.elasticsearch.xpack.security.authz.AuthorizationUtils$AsyncAuthorizer.setRunAsRoles(AuthorizationUtils.java:176) ~[?:?]
at org.elasticsearch.xpack.security.authz.AuthorizationUtils$AsyncAuthorizer.authorize(AuthorizationUtils.java:158) ~[?:?]
at org.elasticsearch.xpack.security.action.filter.SecurityActionFilter.authorizeRequest(SecurityActionFilter.java:190) ~[?:?]
at org.elasticsearch.xpack.security.action.filter.SecurityActionFilter.lambda$applyInternal$3(SecurityActionFilter.java:166) ~[?:?]
at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:60) ~[elasticsearch-6.1.1.jar:6.1.1]
at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$writeAuthToContext$23(AuthenticationService.java:453) ~[?:?]
at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.writeAuthToContext(AuthenticationService.java:462) ~[?:?]
at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$handleNullToken$16(AuthenticationService.java:355) ~[?:?]
at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.handleNullToken(AuthenticationService.java:362) ~[?:?]
I am using xpack for the elasticsearch installation and the mentioned user _system is a internal xpack user.
Is this a known issue? Do you maybe had such behaviour in the past. Meanwhile i would dig into it and search for the solution.
Best regards.