tetragon icon indicating copy to clipboard operation
tetragon copied to clipboard

Published 20 hours ago verified publisher icon cilium

feat: Username for process_exec events

Open anfedotoff opened this issue 10 months ago • 4 comments

Username is useful when tetragon works on host. On different hosts the same username can have different UIDs. Approach based on resolving username with pure Go os/user LGTM. But there is some restrictions:

  • /etc/passwd is available
  • tetragon agent and process for which UID is resolved are in the same mount/user namespace

TODO:

  • [x] Check if tetragon agent and process for which UID is resolved are in the same mount/user namespace
  • [x] Username resolving by a flag (maybe?) // I think flag is not needed.
  • [x] Test // Add username check in TestEventExecve
  • [x] Docs // Field description exists in reference. Maybe we need to find some place in docs to describe restrictions of username resolving

anfedotoff avatar Apr 23 '24 17:04 anfedotoff

Deploy Preview for tetragon ready!

Name Link
Latest commit 465f368a1f71dc4a9ca4f5443bbd093934227534
Latest deploy log https://app.netlify.com/sites/tetragon/deploys/664346fd1f20980008b831da
Deploy Preview https://deploy-preview-2369--tetragon.netlify.app
Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

netlify[bot] avatar Apr 23 '24 17:04 netlify[bot]

@jrfastab, please, have a look. I think the PR is ready.

anfedotoff avatar Apr 26 '24 13:04 anfedotoff

hi :wave: sorry for the delay I'm going to look at it in more detail tomorrow quick scan looks good to me.

jrfastab avatar May 02 '24 06:05 jrfastab

@tixxdz , please, have a look. I think PR is ready:).

anfedotoff avatar May 08 '24 09:05 anfedotoff

The CI failures seem unrelated

tixxdz avatar May 14 '24 19:05 tixxdz