Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Exempt root owned config files from ownership checker #3689

Merged
merged 2 commits into from
Feb 28, 2017

Conversation

andrewkroh
Copy link
Member

@andrewkroh andrewkroh commented Feb 28, 2017

If a config file is owned by root, but the process is running as a non-privileged user the Beat should run. This change exempts root from the ownership test. This makes it possible to drop privileges before executing the beat.

Needs back port to 5.3.

If a config file is owned by root, but the process is running as a non-privileged user the Beat should run. This change exempts root from the ownership test. This makes it possible to drop privileges before executing the beat.
@andrewkroh andrewkroh added needs_backport PR is waiting to be backported to other branches. review labels Feb 28, 2017
Copy link
Contributor

@ruflin ruflin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add a changelog entry?

@tsg tsg added the v5.3.0 label Feb 28, 2017
@andrewkroh
Copy link
Member Author

I updated the existing changelog entry associated with this unreleased feature.

@tsg tsg merged commit c10d47a into elastic:master Feb 28, 2017
andrewkroh added a commit to andrewkroh/beats that referenced this pull request Feb 28, 2017
* Exempt root owned config files from ownership checker

If a config file is owned by root, but the process is running as a non-privileged user the Beat should run. This change exempts root from the ownership test. This makes it possible to drop privileges before executing the beat.

* Update changelog entry for the file ownership and permission checker.

(cherry picked from commit c10d47a)
ruflin pushed a commit that referenced this pull request Mar 1, 2017
* Exempt root owned config files from ownership checker

If a config file is owned by root, but the process is running as a non-privileged user the Beat should run. This change exempts root from the ownership test. This makes it possible to drop privileges before executing the beat.

* Update changelog entry for the file ownership and permission checker.

(cherry picked from commit c10d47a)
@tsg tsg removed the needs_backport PR is waiting to be backported to other branches. label Mar 1, 2017
@andrewkroh andrewkroh deleted the bugfix/exempt-root-owned-configs branch March 31, 2017 05:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants