Support arbitrary user IDs in secured Kubernetes environments

[jsoriano]

Add support for arbitrary user IDs in secured Kubernetes environments without needing to disable permission checks.

#12905 added support for arbitrary user IDs, but it changed the permissions of the files in a way that require Beats docker images to be run with BEAT_STRICT_PERMS=false, what is not recommended so far.

We should find a way to support arbitrary user IDs, without changing the current behaviour for the rest of cases.

Related issues:

• Allow the Docker image to be run with a random user id #12905
• docker images for APM Server failing with permission issues #18858
• Revert "Allow the Docker image to be run with a random user id (#12905)" #18872

[elasticmachine]

Pinging @elastic/integrations-platforms (Team:Platforms)

[jsoriano]

From OpenShift recommendations: "For an image to support running as an arbitrary user, directories and files that may be written to by processes in the image should be owned by the root group and be read/writable by that group. Files to be executed should also have group execute permissions."

As the files that conflict with BEAT_STRICT_PERMS don't need to be written by the beat, maybe it is enough with changing the group owner to root, and leave the permissions as they were before #12905.