10000 Fix capabilities initialization by rafaeldtinoco · Pull Request #2380 · aquasecurity/tracee · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Fix capabilities initialization #2380

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Nov 25, 2022
Merged

Fix capabilities initialization #2380

merged 4 commits into from
Nov 25, 2022

Conversation

rafaeldtinoco
Copy link
Contributor

Initial Checklist

  • There is an issue describing the need for this PR.
  • Git log contains summary of the change.
  • Git log contains motivation and context of the change.

Description (git log)

commit c7733ca
Author: Rafael David Tinoco rafaeldtinoco@gmail.com
Date: Fri Nov 25 16:31:41 2022

pkg/ebpf/tracee: raise capabilities for procfs reads

Fixes: #2379

commit e311d81
Author: Rafael David Tinoco rafaeldtinoco@gmail.com
Date: Fri Nov 25 14:19:15 2022

pkg/capabilities: logger already includes pkgname

commit 4761ea8
Author: Rafael David Tinoco rafaeldtinoco@gmail.com
Date: Fri Nov 25 14:17:56 2022

pkg/procinfo: add debug warnings for errors

Without those, the package was failing silently because of missing
capabilities when capabilities were being dropped.

commit 4514ef8
Author: Rafael David Tinoco rafaeldtinoco@gmail.com
Date: Fri Nov 25 14:15:55 2022

proc/ns: fix logger calls missing var names

Type of change

  • Bug fix (non-breaking change fixing an issue, preferable).
  • Quick fix (minor non-breaking change requiring no issue, use with care)
  • Code refactor (code improvement and/or code removal)
  • New feature (non-breaking change adding functionality).
  • Breaking change (cause existing functionality not to work as expected).

How Has This Been Tested?

$ sudo TRACEE_LOGGER_LVL=debug ./dist/tracee-ebpf --trace comm=bash --trace follow --capabilities bypass=false

Final Checklist:

Pick "Bug Fix" or "Feature", delete the other and mark appropriate checks.

  • I have made corresponding changes to the documentation.
  • My code follows the style guidelines (C and Go) of this project.
  • I have performed a self-review of my own code.
  • I have commented all functions/methods created explaining what they do.
  • I have commented my code, particularly in hard-to-understand areas.
  • My changes generate no new warnings.
  • I have added tests that prove my fix, or feature, is effective.
  • New and existing unit tests pass locally with my changes.
  • Any dependent changes have been merged and published before.

Git Log Checklist:

My commits logs have:

  • Subject starts with "subsystem|file: description".
  • Do not end the subject line with a period.
  • Limit the subject line to 50 characters.
  • Separate subject from body with a blank line.
  • Use the imperative mood in the subject line.
  • Wrap the body at 72 characters.
  • Use the body to explain what and why instead of how.

@rafaeldtinoco rafaeldtinoco added this to the v0.10.0 milestone Nov 25, 2022
@rafaeldtinoco rafaeldtinoco mentioned this pull request Nov 25, 2022
Merged
26 tasks
@rafaeldtinoco rafaeldtinoco mentioned this pull request Nov 25, 2022
Closed
26 tasks
geyslan
geyslan approved these changes Nov 25, 2022
View reviewed changes
Copy link
Member
@geyslan geyslan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@rafaeldtinoco rafaeldtinoco merged commit 01b1d86 into aquasecurity:main Nov 25, 2022
@rafaeldtinoco rafaeldtinoco deleted the fix-capabilities-initialization branch November 25, 2022 17:43
@AlonZivony
Copy link
Contributor

Thank @rafaeldtinoco, you did great job in fixing the capabilities issue I overlooked.

@yanivagman yanivagman removed this from the v0.10.0 milestone Jan 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@geyslan geyslan geyslan approved these changes

@josedonizetti josedonizetti Awaiting requested review from josedonizetti

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@rafaeldtinoco @AlonZivony @geyslan @yanivagman
0