Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
2.16
Describe the issue:
We are seeing lot of warning messages on opensearch startup logs, most of them are about permission issue on the folder and file level.
please find the below logs for the same.
WARNING: Using incubator modules: jdk.incubator.vector
WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/opensearch/lib/opensearch-2.16.0.jar)
WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
WARNING: System::setSecurityManager will be removed in a future release
Sep 02, 2024 11:05:50 AM sun.util.locale.provider.LocaleProviderAdapter
WARNING: COMPAT locale provider will be removed in a future release
WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/share/opensearch/lib/opensearch-2.16.0.jar)
WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
WARNING: System::setSecurityManager will be removed in a future release
[2024-09-02T11:05:51,338][INFO ][o.o.n.Node ] [dmf-opensearch-master-0] version[2.16.0], pid[1], build[tar/f84a26e76807ea67a69822c37b1a1d89e7177d9b/2024-08-06T20:30:45.209655408Z], OS[Linux/5.15.146+/amd64], JVM[Eclipse Adoptium/OpenJDK 64-Bit Server VM/21.0.3/21.0.3+9-LTS]
[2024-09-02T11:05:53,154][INFO ][o.o.s.s.DefaultSecurityKeyStore] [dmf-opensearch-master-0] Enabled TLS protocols for transport layer : [TLSv1.3, TLSv1.2]
[2024-09-02T11:05:53,154][INFO ][o.o.s.s.DefaultSecurityKeyStore] [dmf-opensearch-master-0] Enabled TLS protocols for HTTP layer : [TLSv1.3, TLSv1.2]
[2024-09-02T11:05:53,207][INFO ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] Clustername: dmf-opensearch
[2024-09-02T11:05:53,220][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] Directory /usr/share/opensearch/config has insecure file permissions (should be 0700)
[2024-09-02T11:05:53,220][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] Directory /usr/share/opensearch/config/opensearch-security has insecure file permissions (should be 0700)
[2024-09-02T11:05:53,220][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/roles.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,221][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/config.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,221][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/action_groups.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,221][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/whitelist.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,221][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/roles_mapping.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,221][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/internal_users.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,222][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/allowlist.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,222][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/nodes_dn.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,222][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/tenants.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,222][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/…data has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,222][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] Directory /usr/share/opensearch/config/opensearch-security/…2024_09_02_11_05_34.3597497429 has insecure file permissions (should be 0700)
[2024-09-02T11:05:53,223][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/…2024_09_02_11_05_34.3597497429/tenants.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,223][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/…2024_09_02_11_05_34.3597497429/internal_users.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,223][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/…2024_09_02_11_05_34.3597497429/allowlist.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,223][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/…2024_09_02_11_05_34.3597497429/nodes_dn.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,223][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/…2024_09_02_11_05_34.3597497429/whitelist.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,223][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/…2024_09_02_11_05_34.3597497429/roles_mapping.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,224][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/…2024_09_02_11_05_34.3597497429/roles.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,224][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/…2024_09_02_11_05_34.3597497429/config.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,224][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch-security/…2024_09_02_11_05_34.3597497429/action_groups.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,224][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/opensearch.yml has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,224][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] Directory /usr/share/opensearch/config/certs has insecure file permissions (should be 0700)
[2024-09-02T11:05:53,225][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/certs/tls.key has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,225][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/certs/tls.crt has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,225][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/certs/…data has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,225][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] Directory /usr/share/opensearch/config/certs/…2024_09_02_11_05_34.1633639832 has insecure file permissions (should be 0700)
[2024-09-02T11:05:53,225][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] Directory /usr/share/opensearch/config/certs/node has insecure file permissions (should be 0700)
[2024-09-02T11:05:53,225][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/certs/node/tls.crt has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,226][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/certs/node/tls.key has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,226][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] File /usr/share/opensearch/config/certs/node/…data has insecure file permissions (should be 0600)
[2024-09-02T11:05:53,226][WARN ][o.o.s.OpenSearchSecurityPlugin] [dmf-opensearch-master-0] Directory /usr/share/opensearch/config/certs/node/…2024_09_02_11_05_34.3529337012 has insecure file permissions (should be 0700)
[2024-09-02T11:05:53,951][INFO ][o.o.p.c.c.PluginSettings ] [dmf-opensearch-master-0] Config: metricsLocation: /dev/shm/performanceanalyzer/, metricsDeletionInterval: 1, httpsEnabled: false, cleanup-metrics-db-files: true, batch-metrics-retention-period-minutes: 7, rpc-port: 9650, webservice-port 9600
kindly let me know is there any setting to be enabled for this.