Skip to content

feat [#8647]: mark linux integrations requiring root#8917

Merged
pkoutsovasilis merged 1 commit intomainfrom
pkoutsovasilis/root_linux_integrations
Mar 26, 2024
Merged

feat [#8647]: mark linux integrations requiring root#8917
pkoutsovasilis merged 1 commit intomainfrom
pkoutsovasilis/root_linux_integrations

Conversation

@pkoutsovasilis
Copy link
Copy Markdown
Contributor

@pkoutsovasilis pkoutsovasilis commented Jan 17, 2024
edited
Loading

This PR marks the appropriate linux integrations of [#8647] as requiring or not root

Related Issues

@pkoutsovasilis pkoutsovasilis requested review from a team as code owners January 17, 2024 17:16
@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Jan 17, 2024
edited
Loading

🚀 Benchmarks report

Package auditd_manager 👍(0) 💚(0) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
auditd 10989.01 7092.2 -3896.81 (-35.46%) 💔

Package system_audit 👍(0) 💚(0) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
package 58823.53 47619.05 -11204.48 (-19.05%) 💔

To see the full report comment with /test benchmark fullreport

@norrietaylor norrietaylor requested review from a team and andrewkroh January 18, 2024 15:12
andrewkroh
andrewkroh reviewed Jan 24, 2024
View reviewed changes
Copy link
Copy Markdown
Member

@andrewkroh andrewkroh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Each package with changes will need a changelog entry. You can do it with the CLI via elastic-package change add.

packages/cloud_defend/manifest.yml Outdated
actions: [alert]
agent:
privileges:
root: false
Copy link
Copy Markdown
Member

@andrewkroh andrewkroh Jan 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With false being the default this could be entirely omitted.

Copy link
Copy Markdown
Contributor Author

@pkoutsovasilis pkoutsovasilis Jan 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure my aim was explicitness and also kinda a notification to the sec-linux-platform team that this is getting marked as not requiring root. But what you say makes sense and I will omit that entirely

@andrewkroh andrewkroh added Integration:fim File Integrity Monitoring Integration:auditd_manager Auditd Manager Integration:cloud_defend Defend for Containers (BETA) Integration:network_traffic Network Packet Capture labels Jan 24, 2024
andrewkroh
andrewkroh reviewed Jan 24, 2024
View reviewed changes
andrewkroh
andrewkroh approved these changes Jan 25, 2024
View reviewed changes
Copy link
Copy Markdown
Member

@andrewkroh andrewkroh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do suggest changing the description field to start with a capital and end with punctuation because these become user facing in our documentation (example https://docs.elastic.co/en/integrations/crowdstrike#changelog).

@botelastic
Copy link
Copy Markdown

botelastic bot commented Mar 2, 2024

Hi! We just realized that we haven't looked into this PR in a while. We're sorry! We're labeling this issue as Stale to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1. Thank you for your contribution!

@botelastic botelastic bot added the Stalled label Mar 2, 2024
@pkoutsovasilis pkoutsovasilis force-pushed the pkoutsovasilis/root_linux_integrations branch from c110ae1 to 435f240 Compare March 26, 2024 16:03
@botelastic botelastic bot removed the Stalled label Mar 26, 2024
@pkoutsovasilis
Copy link
Copy Markdown
Contributor Author

pkoutsovasilis commented Mar 26, 2024
edited
Loading

@andrewkroh please one more review 🙂

@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Mar 26, 2024

💚 Build Succeeded

History

@elastic-sonarqube
Copy link
Copy Markdown

elastic-sonarqube bot commented Mar 26, 2024

Quality Gate passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No Coverage information No data about Coverage
No Duplication information No data about Duplication

See analysis details on SonarQube

@pkoutsovasilis pkoutsovasilis merged commit 16b2650 into main Mar 26, 2024
@pkoutsovasilis pkoutsovasilis deleted the pkoutsovasilis/root_linux_integrations branch March 26, 2024 17:11
@andrewkroh andrewkroh added Integration:system_audit System Audit and removed Integration:cloud_defend Defend for Containers (BETA) labels Jul 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andrewkroh andrewkroh andrewkroh approved these changes

@norrietaylor norrietaylor norrietaylor approved these changes

Assignees

No one assigned

Labels

Integration:auditd_manager Auditd Manager Integration:fim File Integrity Monitoring Integration:network_traffic Network Packet Capture Integration:system_audit System Audit

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Mark appropriate linux integrations as requiring root.

4 participants

@pkoutsovasilis @elasticmachine @andrewkroh @norrietaylor