Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
opensearchproject/opensearch:2.4.1
Describe the issue:
Hello,
Is Any Way to change uid of opensearch ?
I see opensearch build image with uid 1000 .
In elasticseach I can change uid using following solution Any way to change uid of elasticsearch user in docker image?
However opensearch image would show error .
/bin/sh: /usr/sbin/groupmod: Permission denied
Environment:
my current user uid is 1001 and at first my certificate is permission 0600 .
opensearch would show unable to read esnode.pem .
Likely root cause: OpenSearchException[Unable to read /usr/share/opensearch/config/tls/esnode.pem (/usr/share/opensearch/config/tls/esnode.pem). Please make sure this files exists and is readable regarding to permissions. Property: plugins.security.ssl.transport.pemcert_filepath]
I need to change certificate permission to 0644 and data dictionary to 0777 and opensearch can start .
But I don’t want to change my certificate and data dictionary permission .
Thanks .
Configuration:
- opensearch.yml
plugins.security.ssl.http.enabled: true
plugins.security.ssl.transport.pemcert_filepath: tls/esnode.pem
plugins.security.ssl.transport.pemkey_filepath: tls/esnode-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: tls/root-ca.pem
plugins.security.ssl.http.pemcert_filepath: tls/esnode.pem
plugins.security.ssl.http.pemkey_filepath: tls/esnode-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: tls/root-ca.pem
- docker-compose.yml
services:
opensearch:
image: opensearchproject/opensearch:2.4.1
environment:
- bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
- 'OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m' # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
- 'OPENSEARCH_PATH_CONF=/usr/share/opensearch/config'
volumes:
- ./data:/usr/share/opensearch/data
- ./tls:/usr/share/opensearch/config/tls
- ./opensearch.yml:/usr/share/opensearch/config/opensearch.yml
Relevant Logs or Screenshots: