From edf5f538ae40299dbc39a4b82b389a497e8c6445 Mon Sep 17 00:00:00 2001
From: Mario Rodriguez Molins
Date: Wed, 17 Apr 2024 18:25:36 +0200
Subject: [PATCH 1/5] Set user root if specified in agent.privileges.root (package manifest)
---
 internal/packages/packages.go | 7 +++++++
 internal/testrunner/runners/system/runner.go | 13 +++++++++----
 2 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/internal/packages/packages.go b/internal/packages/packages.go
index 3fc1c167a2..30bff2230d 100644
--- a/internal/packages/packages.go
+++ b/internal/packages/packages.go
@@ -115,6 +115,12 @@ type Owner struct {
 Type string `config:"type" json:"type" yaml:"type"`
 }
+type Agent struct {
+ Privileges struct {
+ Root bool `config:"root" json:"root" yaml:"root"`
+ } `config:"privileges" json:"privileges" yaml:"privileges"`
+}
+
 // PackageManifest represents the basic structure of a package's manifest
 type PackageManifest struct {
 SpecVersion string `config:"format_version" json:"format_version" yaml:"format_version"`
@@ -130,6 +136,7 @@ type PackageManifest struct {
 Description string `config:"description" json:"description" yaml:"description"`
 License string `config:"license" json:"license" yaml:"license"`
 Categories []string `config:"categories" json:"categories" yaml:"categories"`
+ Agent Agent `config:"agent" json:"agent" yaml:"agent"`
 }
 type Elasticsearch struct {
diff --git a/internal/testrunner/runners/system/runner.go b/internal/testrunner/runners/system/runner.go
index 00a2119731..0e3800e0cd 100644
--- a/internal/testrunner/runners/system/runner.go
+++ b/internal/testrunner/runners/system/runner.go
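Review bot: The exported `Agent` type added in internal/packages/packages.go (hunk -115,6 +115,12) has no doc comment, and neither it nor the new `PackageManifest.Agent` field says what `Privileges.Root` means for code that consumes the manifest. Because the runner.go change in this same patch uses that flag to decide whether the agent runs as root, the contract should be stated next to the type, e.g. `// Agent holds the agent requirements declared in the package manifest; Privileges.Root requests that the agent runs as root.` It would also help to note that the field is false when the manifest omits the `agent` section, which follows from the zero value of the bool shown in the hunk.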
@@ -313,7 +313,7 @@ func (r *runner) createServiceOptions(variantName string) servicedeployer.Factor
 }
 }
-func (r *runner) createAgentInfo(policy *kibana.Policy, config *testConfig) (agentdeployer.AgentInfo, error) {
+func (r *runner) createAgentInfo(policy *kibana.Policy, config *testConfig, packageManifest *packages.PackageManifest) (agentdeployer.AgentInfo, error) {
 var info agentdeployer.AgentInfo
 info.Name = r.options.TestFolder.Package
@@ -339,6 +339,11 @@ func (r *runner) createAgentInfo(policy *kibana.Policy, config *testConfig) (age
 info.Agent.Runtime = config.Agent.Runtime
 info.Agent.PidMode = config.Agent.PidMode
+ // If user is defined in configuration file has preference ?
+ if info.Agent.User == "" && packageManifest.Agent.Privileges.Root {
+ info.Agent.User = "root"
+ }
+
 return info, nil
 }
@@ -819,7 +824,7 @@ func (r *runner) prepareScenario(ctx context.Context, config *testConfig, svcInf
 return nil
 }
- agentDeployed, agentInfo, err := r.setupAgent(ctx, config, serviceStateData, policy)
+ agentDeployed, agentInfo, err := r.setupAgent(ctx, config, serviceStateData, policy, scenario.pkgManifest)
 if err != nil {
 return nil, err
 }
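Review bot: The new branch in createAgentInfo (hunk -339,6 +339,11) sets the agent user to `root` solely from `agent.privileges.root` in the package manifest and leaves no trace of that decision in the run output, so a package can raise the privilege of the test agent without the person running the tests seeing it. Logging at the point of decision would make the elevation auditable, for example `logger.Debugf("running agent as root: agent.privileges.root is set in the package manifest")` inside the `if`. The empty-string check also means that a `user` set in the test configuration silently wins over a manifest that asks for root; if that combination is not expected, it deserves a log line too. The same condition is carried through patches 4/5 and 5/5 with only the comment and the parameter name changed. createAgentInfo starts and ends outside this hunk.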
@@ -1127,12 +1132,12 @@ func (r *runner) setupService(ctx context.Context, config *testConfig, serviceOp
 return service, service.Info(), nil
 }
-func (r *runner) setupAgent(ctx context.Context, config *testConfig, state ServiceState, policy *kibana.Policy) (agentdeployer.DeployedAgent, agentdeployer.AgentInfo, error) {
+func (r *runner) setupAgent(ctx context.Context, config *testConfig, state ServiceState, policy *kibana.Policy, packageManifest *packages.PackageManifest) (agentdeployer.DeployedAgent, agentdeployer.AgentInfo, error) {
 if !r.options.RunIndependentElasticAgent {
 return nil, agentdeployer.AgentInfo{}, nil
 }
 logger.Warn("setting up agent (technical preview)...")
- agentInfo, err := r.createAgentInfo(policy, config)
+ agentInfo, err := r.createAgentInfo(policy, config, packageManifest)
 if err != nil {
 return nil, agentdeployer.AgentInfo{}, err
 }
From 7e52a9dec03cc513268fd82fc7c1a0d5c413a232 Mon Sep 17 00:00:00 2001
From: Mario Rodriguez Molins
Date: Thu, 18 Apr 2024 13:07:05 +0200
Subject: [PATCH 2/5] Update test packae
---
 .../auditd/_dev/test/system/test-default-config.yml | 1 -
 .../auditd_manager_independent_agent/manifest.yml | 12 +++++++++---
 2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/test/packages/with-custom-agent/auditd_manager_independent_agent/data_stream/auditd/_dev/test/system/test-default-config.yml b/test/packages/with-custom-agent/auditd_manager_independent_agent/data_stream/auditd/_dev/test/system/test-default-config.yml
index 75d196b392..fc49bc16c6 100644
--- a/test/packages/with-custom-agent/auditd_manager_independent_agent/data_stream/auditd/_dev/test/system/test-default-config.yml
+++ b/test/packages/with-custom-agent/auditd_manager_independent_agent/data_stream/auditd/_dev/test/system/test-default-config.yml
@@ -5,7 +5,6 @@ data_stream:
 preserve_original_event: true
 agent:
 runtime: docker
- user: "root"
 pid_mode: "host"
 linux_capabilities:
 - AUDIT_CONTROL
diff --git a/test/packages/with-custom-agent/auditd_manager_independent_agent/manifest.yml b/test/packages/with-custom-agent/auditd_manager_independent_agent/manifest.yml
index 9e97507435..ce12c7189a 100644
--- a/test/packages/with-custom-agent/auditd_manager_independent_agent/manifest.yml
+++ b/test/packages/with-custom-agent/auditd_manager_independent_agent/manifest.yml
@@ -1,15 +1,17 @@
-format_version: 1.0.0
+format_version: 2.12.0
 name: auditd_manager_independent_agent
 title: "Auditd Manager"
 version: 999.999.999
-license: basic
 description: "The Auditd Manager Integration receives audit events from the Linux Audit Framework that is a part of the Linux kernel."
 type: integration
 categories:
 - os_system
 - security
 conditions:
- kibana.version: "^8.2.0"
+ elastic:
+ subscription: basic
+ kibana:
+ version: "^8.2.0"
 screenshots:
 - src: /img/sample-screenshot.png
 title: Sample screenshot
@@ -30,3 +32,7 @@ policy_templates:
 description: Collecting auditd events
 owner:
 github: elastic/security-external-integrations
+
+agent:
+ privileges:
+ root: true
From f23c3a551b49d45ee1e6377a9d761f58f31b9994 Mon Sep 17 00:00:00 2001
From: Mario Rodriguez Molins
Date: Thu, 18 Apr 2024 15:57:43 +0200
Subject: [PATCH 3/5] Fix lint errors
---
 .../auditd_manager_independent_agent/manifest.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/test/packages/with-custom-agent/auditd_manager_independent_agent/manifest.yml b/test/packages/with-custom-agent/auditd_manager_independent_agent/manifest.yml
index ce12c7189a..2496b40a4e 100644
--- a/test/packages/with-custom-agent/auditd_manager_independent_agent/manifest.yml
+++ b/test/packages/with-custom-agent/auditd_manager_independent_agent/manifest.yml
@@ -32,7 +32,6 @@ policy_templates:
 description: Collecting auditd events
 owner:
 github: elastic/security-external-integrations
-
 agent:
 privileges:
 root: true
From ccd14d48ed855386f857c69716dfd89174a7def6 Mon Sep 17 00:00:00 2001
From: Mario Rodriguez Molins
Date: Mon, 22 Apr 2024 10:28:53 +0200
Subject: [PATCH 4/5] Rephrase comment
---
 internal/testrunner/runners/system/runner.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/internal/testrunner/runners/system/runner.go b/internal/testrunner/runners/system/runner.go
index 0e3800e0cd..ef3880bd63 100644
--- a/internal/testrunner/runners/system/runner.go
+++ b/internal/testrunner/runners/system/runner.go
@@ -339,7 +339,8 @@ func (r *runner) createAgentInfo(policy *kibana.Policy, config *testConfig, pack
 info.Agent.Runtime = config.Agent.Runtime
 info.Agent.PidMode = config.Agent.PidMode
- // If user is defined in configuration file has preference ?
+ // If user is defined in the configuration file, it has preference
+ // and it should not be overwritten by the value in the manifest
 if info.Agent.User == "" && packageManifest.Agent.Privileges.Root {
 info.Agent.User = "root"
 }
From 1d65244b36bfbe87b5de85fe003b48ac09d7f4ee Mon Sep 17 00:00:00 2001
From: Mario Rodriguez Molins
Date: Mon, 22 Apr 2024 11:05:53 +0200
Subject: [PATCH 5/5] Pass agent options manifest instead full manifest
---
 internal/testrunner/runners/system/runner.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/internal/testrunner/runners/system/runner.go b/internal/testrunner/runners/system/runner.go
index ef3880bd63..227053e88d 100644
--- a/internal/testrunner/runners/system/runner.go
+++ b/internal/testrunner/runners/system/runner.go
@@ -313,7 +313,7 @@ func (r *runner) createServiceOptions(variantName string) servicedeployer.Factor
 }
 }
-func (r *runner) createAgentInfo(policy *kibana.Policy, config *testConfig, packageManifest *packages.PackageManifest) (agentdeployer.AgentInfo, error) {
+func (r *runner) createAgentInfo(policy *kibana.Policy, config *testConfig, agentManifest packages.Agent) (agentdeployer.AgentInfo, error) {
 var info agentdeployer.AgentInfo
 info.Name = r.options.TestFolder.Package
@@ -341,7 +341,7 @@ func (r *runner) createAgentInfo(policy *kibana.Policy, config *testConfig, pack
 // If user is defined in the configuration file, it has preference
 // and it should not be overwritten by the value in the manifest
- if info.Agent.User == "" && packageManifest.Agent.Privileges.Root {
+ if info.Agent.User == "" && agentManifest.Privileges.Root {
 info.Agent.User = "root"
 }
@@ -825,7 +825,7 @@ func (r *runner) prepareScenario(ctx context.Context, config *testConfig, svcInf
 return nil
 }
- agentDeployed, agentInfo, err := r.setupAgent(ctx, config, serviceStateData, policy, scenario.pkgManifest)
+ agentDeployed, agentInfo, err := r.setupAgent(ctx, config, serviceStateData, policy, scenario.pkgManifest.Agent)
 if err != nil {
 return nil, err
 }
@@ -1133,12 +1133,12 @@ func (r *runner) setupService(ctx context.Context, config *testConfig, serviceOp
 return service, service.Info(), nil
 }
-func (r *runner) setupAgent(ctx context.Context, config *testConfig, state ServiceState, policy *kibana.Policy, packageManifest *packages.PackageManifest) (agentdeployer.DeployedAgent, agentdeployer.AgentInfo, error) {
+func (r *runner) setupAgent(ctx context.Context, config *testConfig, state ServiceState, policy *kibana.Policy, agentManifest packages.Agent) (agentdeployer.DeployedAgent, agentdeployer.AgentInfo, error) {
 if !r.options.RunIndependentElasticAgent {
 return nil, agentdeployer.AgentInfo{}, nil
 }
 logger.Warn("setting up agent (technical preview)...")
- agentInfo, err := r.createAgentInfo(policy, config, packageManifest)
+ agentInfo, err := r.createAgentInfo(policy, config, agentManifest)
 if err != nil {
 return nil, agentdeployer.AgentInfo{}, err
 }
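Review bot: At the setupAgent call in prepareScenario (hunk -825,7 +825,7), `scenario.pkgManifest.Agent` is now evaluated by the caller, so the pointer is dereferenced even when `RunIndependentElasticAgent` is false and setupAgent returns straight away. If `scenario.pkgManifest` can be nil on any path that reaches this line (its assignment is outside the hunk), this panics in runs where patch 1/5 never touched the manifest. A nil guard before the call, or a short comment stating that the manifest is always loaded by this point, would settle it. prepareScenario starts and ends outside this hunk.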