Run as non-root user on kubernetes #56

ebarped · 2021-10-25T07:54:37Z

Hi!

Im trying to run this exporter on kubernetes without being a root user.

Currently, i can at least execute it as root but with dropped capabilities:

securityContext:
  capabilities:
    drop:
      - all
    add: ["NET_RAW"]

But when i change to a non-root user, with the following securityContext:

securityContext:
  runAsUser: 65534
  runAsNonRoot: true
  capabilities:
    drop:
      - all
    add: ["NET_RAW"]

it fails with:
ERRO[0000] cannot start monitoring: listen ip4:icmp 0.0.0.0: socket: operation not permitted

I have tried to add more capabilities (NET_ADMIN, SYS_ADMIN) without success.

The text was updated successfully, but these errors were encountered:

drTr0jan · 2022-07-01T13:14:30Z

- Switched to GO_MODULE - Fixed "Run as non-root user" ( czerwonk/ping_exporter#56 ) by setuid bit - Added ping_exporter_syslog_output_* params to rc-script for syslog output tuning ChangeLog: https://github.com/czerwonk/ping_exporter/releases/tag/1.0.0 PR: 264048 Approved by: maintainer timeout > 1 month

czerwonk self-assigned this Jul 1, 2022

Provide feedback