-
Notifications
You must be signed in to change notification settings - Fork 375
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[System] Mark logs-system.syslog
data stream as requires root
#9893
Conversation
Note the formatting in the diff is just the result of |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
🚀 Benchmarks reportTo see the full report comment with |
💚 Build Succeeded
cc @kpollich |
Quality Gate passedIssues Measures |
Package system - 1.58.0 containing this change is available at https://epr.elastic.co/search?package=system |
Proposed commit message
Mark logs-system.syslog data stream as requires root
Reading syslog files requires root, so if this data stream is in use the agent will require root privileges. Adding
agent.privileges.root: true
makes Fleet/Agent aware of the requirement for escalated privileges.Checklist
changelog.yml
file.How to test this PR locally
Run an agent with the system integration and verify it collects data when run as a root user. I don't think the majority of the non-root agent work is "wired up" so there won't be anything obvious to test at this time. See elastic/kibana#183283.
Related issues
Closes #9886