Removed unnecessary change of group ownership in chmod initContainer (#…

…486) A file access control list (ACL) can provide permissions to a specific user or group without modifying the user/group owner of the file.
signalfx · Jul 21, 2022 · 153db1f · 153db1f
1 parent f5f6df8
commit 153db1f
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ## Unreleased
 
+- Removed unnecessary change of group ownership in chmod initContainer (#486)
+
 ## [0.55.0] - 2022-07-19
 
 ### Changed

diff --git a/helm-charts/splunk-otel-collector/templates/daemonset.yaml b/helm-charts/splunk-otel-collector/templates/daemonset.yaml
@@ -144,20 +144,14 @@ spec:
           {{ if .Values.logsCollection.containers.enabled -}}
           if [ -d "/var/lib/docker/containers" ];
           then
-              chgrp -Rv {{ $agent.securityContext.runAsGroup | default 20000 }} /var/lib/docker/containers;
-              chmod -R g+rxs /var/lib/docker/containers;
               setfacl -n -Rm d:g:{{ $agent.securityContext.runAsGroup | default 20000 }}:rx,g:{{ $agent.securityContext.runAsGroup | default 20000 }}:rx /var/lib/docker/containers;
           fi;
           if [ -d "/var/log/crio/pods" ];
           then
-              chgrp -Rv {{ $agent.securityContext.runAsGroup | default 20000 }} /var/log/crio/pods;
-              chmod -R g+rxs /var/log/crio/pods;
               setfacl -n -Rm d:g:{{ $agent.securityContext.runAsGroup | default 20000 }}:rx,g:{{ $agent.securityContext.runAsGroup | default 20000 }}:rx /var/log/crio/pods;
           fi;
           if [ -d "/var/log/pods" ];
           then
-              chgrp -Rv {{ $agent.securityContext.runAsGroup | default 20000 }} /var/log/pods;
-              chmod -R g+rxs /var/log/pods;
               setfacl -n -Rm d:g:{{ $agent.securityContext.runAsGroup | default 20000 }}:rx,g:{{ $agent.securityContext.runAsGroup | default 20000 }}:rx /var/log/pods;
           fi;
           {{- end }}']