Skip to content

Refactor user change on service #8347

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 11 commits into
base: main
Choose a base branch
from
Open

Refactor user change on service #8347

wants to merge 11 commits into from
+888 −159

Conversation

michalpristas
Copy link
Contributor

@michalpristas michalpristas commented Jun 5, 2025
edited
Loading

This PR refactor the way how we do User change during unprivileged and privileged actions.

Pre-PR we removed and reinstalled service again with new user setup.

Post-PR we rewrite service file directly (linux and darwin) or use syscall to change config (windows). Then we restart service.

This reduces window for interrupt.
While pre-PR could leave us without a service, in this case we haven't won entirely. We can end up with broken service when service manager decides config/user is not valid/enabled. This at least leaves a trace in system logs.

Tests covering switch between privilege modes are already present

Closes: #8268

@michalpristas michalpristas self-assigned this Jun 5, 2025
@michalpristas michalpristas requested a review from a team as a code owner June 5, 2025 10:34
@michalpristas michalpristas added the enhancement New feature or request label Jun 5, 2025
@michalpristas michalpristas requested review from kaanyalti and pchila June 5, 2025 10:34
@michalpristas michalpristas added Team:Elastic-Agent-Control-Plane Label for the Agent Control Plane team skip-changelog backport-active-9 Automated backport with mergify to all the active 9.[0-9]+ branches labels Jun 5, 2025
@elasticmachine
Copy link
Contributor

Pinging @elastic/elastic-agent-control-plane (Team:Elastic-Agent-Control-Plane)

pchila
pchila reviewed Jun 5, 2025
View reviewed changes
internal/pkg/agent/install/svc_linux.go

// isSystemdRunning checks if systemd is the init system and is running
func isSystemdRunning() bool {
// Check if systemd is PID 1
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please update comment since what we are doing here is implement the same check as sd_booted()

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i don't follow, please be explicit

@michalpristas michalpristas requested a review from blakerouse June 6, 2025 08:50
@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate failed Quality Gate failed

Failed conditions
38.0% Coverage on New Code (required ≥ 40%)

See analysis details on SonarQube

@elasticmachine
Copy link
Contributor

elasticmachine commented Jun 6, 2025
edited
Loading

💔 Build Failed

Failed CI Steps

History

cc @michalpristas

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pchila pchila pchila left review comments

@kaanyalti kaanyalti Awaiting requested review from kaanyalti kaanyalti is a code owner automatically assigned from elastic/elastic-agent-control-plane

@blakerouse blakerouse Awaiting requested review from blakerouse

At least 1 approving review is required to merge this pull request.

Assignees

@michalpristas michalpristas

Labels
backport-active-9 Automated backport with mergify to all the active 9.[0-9]+ branches enhancement New feature or request skip-changelog Team:Elastic-Agent-Control-Plane Label for the Agent Control Plane team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Use config replace logic instead of reinstalling service in switch
4 participants
@michalpristas @elasticmachine @blakerouse @pchila