It seems that with introducing changes in #12905 config file permissions were changed from 0640 to 0660.
When running the APM Server docker images without setting BEAT_STRICT_PERMS=false the check OwnerHasExclusiveWritePerms now fails with the error config file ("apm-server.yml") can only be writable by the owner but the permissions are "-rw-rw----". Our integration test environment fails since pulling in these changes into APM Server.
It seems to be the same issue for other beats, e.g. running docker run -e docker.elastic.co/beats/metricbeat:8.0.0-SNAPSHOT results in the mentioned error and prevents the beat from starting, whereas docker run -e BEAT_STRICT_PERMS=false docker.elastic.co/beats/metricbeat:8.0.0-SNAPSHOT works fine.
@barkbay @jsoriano could you please take a look at this, from what I understand the intention was not to switch to BEATS_STRICT_PERMS=false.
It seems that with introducing changes in #12905 config file permissions were changed from
0640to0660.When running the APM Server docker images without setting
BEAT_STRICT_PERMS=falsethe check OwnerHasExclusiveWritePerms now fails with the errorconfig file ("apm-server.yml") can only be writable by the owner but the permissions are "-rw-rw----". Our integration test environment fails since pulling in these changes into APM Server.It seems to be the same issue for other beats, e.g. running
docker run -e docker.elastic.co/beats/metricbeat:8.0.0-SNAPSHOTresults in the mentioned error and prevents the beat from starting, whereasdocker run -e BEAT_STRICT_PERMS=false docker.elastic.co/beats/metricbeat:8.0.0-SNAPSHOTworks fine.@barkbay @jsoriano could you please take a look at this, from what I understand the intention was not to switch to
BEATS_STRICT_PERMS=false.