-
Notifications
You must be signed in to change notification settings - Fork 105
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Run as non-root user on kubernetes #56
Comments
The problem is here: Pinger.New() can only create privileged icmp.PacketConn |
freebsd-git
pushed a commit
to freebsd/freebsd-ports
that referenced
this issue
Jul 14, 2022
- Switched to GO_MODULE - Fixed "Run as non-root user" ( czerwonk/ping_exporter#56 ) by setuid bit - Added ping_exporter_syslog_output_* params to rc-script for syslog output tuning ChangeLog: https://github.com/czerwonk/ping_exporter/releases/tag/1.0.0 PR: 264048 Approved by: maintainer timeout > 1 month
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi!
Im trying to run this exporter on kubernetes without being a root user.
Currently, i can at least execute it as root but with dropped capabilities:
But when i change to a non-root user, with the following securityContext:
it fails with:
ERRO[0000] cannot start monitoring: listen ip4:icmp 0.0.0.0: socket: operation not permitted
I have tried to add more capabilities (NET_ADMIN, SYS_ADMIN) without success.
The text was updated successfully, but these errors were encountered: