From 5e0397a0194ca82cca8b13329c9c4967e479bd2b Mon Sep 17 00:00:00 2001 From: Kaise Cheng Date: Tue, 15 Oct 2024 15:15:41 +0100 Subject: [PATCH 1/2] add deprecation warning for `allow_superuser: true` --- logstash-core/lib/logstash/runner.rb | 11 ++++++++++- logstash-core/spec/logstash/runner_spec.rb | 4 ++-- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index 839eb2e5a17..5655a7986d9 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb @@ -482,8 +482,17 @@ def execute def running_as_superuser if Process.euid() == 0 + unless @settings.set?("allow_superuser") + deprecation_logger.deprecated("WARNING: You are currently running Logstash with superuser privileges. " + + "Starting from version 9, this will be disabled by default. " + + "To avoid disruption during the upgrade, set 'allow_superuser' to true now if you wish to continue running as superuser temporarily after the upgrade. " + + "Note that this is not recommended for security reasons.") + end + if setting("allow_superuser") - deprecation_logger.deprecated("NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases.") + deprecation_logger.deprecated("NOTICE: Running Logstash as superuser will be completely disallowed in future versions. " + + "To prepare for this and avoid startup errors in future releases, it is strongly recommended to set 'allow_superuser' to false now " + + "and adjust your configuration accordingly.") else raise(RuntimeError, "Logstash cannot be run as superuser.") end diff --git a/logstash-core/spec/logstash/runner_spec.rb b/logstash-core/spec/logstash/runner_spec.rb index 0408e9de173..e4ffc3fc161 100644 --- a/logstash-core/spec/logstash/runner_spec.rb +++ b/logstash-core/spec/logstash/runner_spec.rb 
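Review bot: With 'allow_superuser' unset, the new `unless @settings.set?("allow_superuser")` branch and the `if setting("allow_superuser")` branch below it can both log during the same startup, and they give opposite advice: the WARNING says to set the option to true, the NOTICE says to set it to false. This assumes the current default is true, which the wording "this will be disabled by default" implies but the hunk does not show. The WARNING is what an operator running as root by accident will read, so it should lead with the safer option, for example by replacing its third line with `"Run Logstash as a non-root user, or set 'allow_superuser' to true explicitly if it must keep running as superuser after the upgrade. " +`. The outer `if Process.euid() == 0` and the body of `running_as_superuser` close outside the hunk.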
@@ -704,7 +704,7 @@ it "runs successfully with warning message" do LogStash::SETTINGS.set("allow_superuser", true) expect(logger).not_to receive(:fatal) - expect(deprecation_logger_stub).to receive(:deprecated).with(/NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases./) + expect(deprecation_logger_stub).to receive(:deprecated).with(/NOTICE: Running Logstash as superuser will be completely disallowed in future versions./) expect { subject.run(args) }.not_to raise_error end end @@ -716,7 +716,7 @@ it "runs successfully without any messages" do LogStash::SETTINGS.set("allow_superuser", false) expect(logger).not_to receive(:fatal) - expect(deprecation_logger_stub).not_to receive(:deprecated).with(/NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases./) + expect(deprecation_logger_stub).not_to receive(:deprecated).with(/NOTICE: Running Logstash as superuser will be completely disallowed in future versions./) expect { subject.run(args) }.not_to raise_error end end From 8451aeb7a3c07d2311885da9f585b65e49c46210 Mon Sep 17 00:00:00 2001 From: Kaise Cheng Date: Fri, 25 Oct 2024 16:41:29 +0100 Subject: [PATCH 2/2] log warning instead of deprecation --- logstash-core/lib/logstash/runner.rb | 5 ++--- logstash-core/spec/logstash/runner_spec.rb | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb index 5655a7986d9..14a45bd94af 100644 --- a/logstash-core/lib/logstash/runner.rb +++ b/logstash-core/lib/logstash/runner.rb 
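Review bot: Neither example touched in these two spec hunks reaches the new `unless @settings.set?("allow_superuser")` branch in runner.rb, because both call `LogStash::SETTINGS.set("allow_superuser", ...)` before `subject.run(args)`. This assumes the runner reads the same settings object, which the hunks do not show. An example that leaves the setting unset (or resets it) and adds `expect(deprecation_logger_stub).to receive(:deprecated).with(/WARNING: You are currently running Logstash with superuser privileges/)` would pin the new message. In the second hunk the example is named "runs successfully without any messages" but its expectation only excludes the NOTICE text, so it would still pass if the WARNING were logged. The enclosing `context` blocks and their setup are outside both hunks.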
@@ -490,9 +490,8 @@ def running_as_superuser end if setting("allow_superuser") - deprecation_logger.deprecated("NOTICE: Running Logstash as superuser will be completely disallowed in future versions. " + - "To prepare for this and avoid startup errors in future releases, it is strongly recommended to set 'allow_superuser' to false now " + - "and adjust your configuration accordingly.") + logger.warn("NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk. " + + "It is strongly recommended to set 'allow_superuser' to false.") else raise(RuntimeError, "Logstash cannot be run as superuser.") end diff --git a/logstash-core/spec/logstash/runner_spec.rb b/logstash-core/spec/logstash/runner_spec.rb index e4ffc3fc161..69aa8aa700c 100644 --- a/logstash-core/spec/logstash/runner_spec.rb +++ b/logstash-core/spec/logstash/runner_spec.rb @@ -704,7 +704,7 @@ it "runs successfully with warning message" do LogStash::SETTINGS.set("allow_superuser", true) expect(logger).not_to receive(:fatal) - expect(deprecation_logger_stub).to receive(:deprecated).with(/NOTICE: Running Logstash as superuser will be completely disallowed in future versions./) + expect(logger).to receive(:warn).with(/NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk./) expect { subject.run(args) }.not_to raise_error end end @@ -716,7 +716,7 @@ it "runs successfully without any messages" do LogStash::SETTINGS.set("allow_superuser", false) expect(logger).not_to receive(:fatal) - expect(deprecation_logger_stub).not_to receive(:deprecated).with(/NOTICE: Running Logstash as superuser will be completely disallowed in future versions./) + expect(logger).not_to receive(:warn).with(/NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk./) expect { subject.run(args) }.not_to raise_error end end
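Review bot: The new `logger.warn` text in the runner.rb hunk tells the operator to set 'allow_superuser' to false, but the `else` branch directly below raises "Logstash cannot be run as superuser." for a root process, so following the advice without changing the service account turns a warning into a failed start. The message should name the actual remediation, for example by making its second line `"Run Logstash as a non-root user and set 'allow_superuser' to false.")`. The spec regexes in this patch match only the first sentence, so they would not need to change. The enclosing `if Process.euid() == 0` and `def running_as_superuser` start and end outside this hunk.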