From edc42593eb96e173d71ef5b503524c66d77f16c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lorenzo=20Dematt=C3=A9?= Date: Tue, 25 Feb 2025 10:19:15 +0100 Subject: [PATCH] Some missing entitlements preventing serverless to start (#123271) --- .../entitlement/initialization/EntitlementInitialization.java | 4 +++- .../security/src/main/plugin-metadata/entitlement-policy.yaml | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/libs/entitlement/src/main/java/org/elasticsearch/entitlement/initialization/EntitlementInitialization.java b/libs/entitlement/src/main/java/org/elasticsearch/entitlement/initialization/EntitlementInitialization.java index 237ed0f45e65a..ee638ab3ba6e1 100644 --- a/libs/entitlement/src/main/java/org/elasticsearch/entitlement/initialization/EntitlementInitialization.java +++ b/libs/entitlement/src/main/java/org/elasticsearch/entitlement/initialization/EntitlementInitialization.java @@ -251,7 +251,9 @@ private static PolicyManager createPolicyManager() { new FilesEntitlement( List.of( FileData.ofPath(Path.of("/co/elastic/apm/agent/"), READ), - FileData.ofPath(Path.of("/agent/co/elastic/apm/agent/"), READ) + FileData.ofPath(Path.of("/agent/co/elastic/apm/agent/"), READ), + FileData.ofPath(Path.of("/proc/meminfo"), READ), + FileData.ofPath(Path.of("/sys/fs/cgroup/"), READ) ) ) ); diff --git a/x-pack/plugin/security/src/main/plugin-metadata/entitlement-policy.yaml b/x-pack/plugin/security/src/main/plugin-metadata/entitlement-policy.yaml index 99dd7d5c1380f..a6f29cb2ad7ea 100644 --- a/x-pack/plugin/security/src/main/plugin-metadata/entitlement-policy.yaml +++ b/x-pack/plugin/security/src/main/plugin-metadata/entitlement-policy.yaml @@ -37,3 +37,6 @@ org.opensaml.saml.impl: - relative_path: metadata.xml relative_to: config mode: read + - relative_path: "saml/" + relative_to: config + mode: read