File-owner and/or -permissions in config-folder won't be adjusted at first run (Bug?)

Question

File-owner and/or -permissions in config-folder won't be adjusted at first run (Bug?)

Opened this issue 3 months ago · 0 comments

Hi @ all,

this is my first time I'm using wazuh, and I hope my containers run stablely now!

However: As a security-feature docker offers a userspace-remapping so docker-containers run outside of the host's userspace. But there's a little issue when using this feature.

The shared/persistent storaged folders/files must be chowned by root to fit in that userspace. Usually one sets all of the persistent files to the first UID and GID of the designated remapping-userspace. For example: the remap-userspace begins with UID/GID 100000:100000, then this would be the UID and GID for the remapped root-superuser. When running the container at it's first time, the shared files and folders should be automatically be set to them's right ownerships by the containers (remapped) root-user.

However, within wazuh's container-instances it's impossible to let the server write to the .../config/wazuh-dashboard/wazuh.yml-file because of wrong file-permissions/-ownership.

If there's a list of the right ownerships and permissions, one could at least easily change them manually.

Thanks for reading!

Greetings!