.opendistro_security index blocks "read_only_allow_delete"

e.sokolov · November 25, 2019, 3:19pm

subj
And nobody has permission for change settings

PUT .opendistro_security/_settings
{
  "index": {
    "blocks": {
      "read_only_allow_delete": "false"
    }
  }
}

"type": "security_exception",
    "reason": "no permissions for [] and User [name=admin, roles=[admin], requestedTenant=null]"

What can I do?
One way: export current config with securityadmin, delete index and recreate. May be exists more simple way?

Serge · November 29, 2019, 11:13am

Can you try to add opendistro_security.disabled: true in to elasticsearch.yml
Than restart elasticsearch and

    curl -u <user>:<password> -XPUT 'http://<your_host_ip>:9200/_settings' -H 'Content-Type: application/json' -d'
    {
    "index": {
    "blocks": {
    "read_only_allow_delete": "false"
    }
    }
    }
    '

And don`t forget to comment opendistro_security.disabled: true after all

e.sokolov · November 30, 2019, 3:52pm

Must I restart cluster? all 14 nodes?

Serge · December 12, 2019, 7:13am

I think no. Just one node on which you will do this change. However you can try on one node and look on result.

e.sokolov · December 17, 2019, 3:15pm

Easiest way: use securityadmin.sh to export current config, delete index and recreate from config.
I think the option ‘set index.blocks.read_only_allow_delete: false’ in securityadmin.sh could be useful