elastic · kaisecheng · Oct 31, 2024 · Oct 15, 2024 · Oct 15, 2024 · Oct 25, 2024
diff --git a/.buildkite/pull_request_pipeline.yml b/.buildkite/pull_request_pipeline.yml
@@ -22,10 +22,12 @@ steps:
   - label: ":rspec: Ruby unit tests"
     key: "ruby-unit-tests"
     agents:
-      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci"
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
       cpu: "4"
       memory: "8Gi"
       ephemeralStorage: "100Gi"
+      # Run as a non-root user
+      imageUID: "1002"
     retry:
       automatic:
         - limit: 3

diff --git a/docs/static/settings-file.asciidoc b/docs/static/settings-file.asciidoc
@@ -359,7 +359,7 @@ separating each log lines per pipeline could be helpful in case you need to trou
 
 | `allow_superuser`
 | Setting to `true` to allow or `false` to block running Logstash as a superuser.
-| `true`
+| `false`
 
 | `event_api.tags.illegal`
 | When set to `warn`, allow illegal value assignment to the reserved `tags` field.

diff --git a/logstash-core/lib/logstash/environment.rb b/logstash-core/lib/logstash/environment.rb
@@ -34,7 +34,7 @@ module Environment
   end
 
   [
-           Setting::Boolean.new("allow_superuser", true),
+           Setting::Boolean.new("allow_superuser", false),
             Setting::String.new("node.name", Socket.gethostname),
     Setting::NullableString.new("path.config", nil, false),
  Setting::WritableDirectory.new("path.data", ::File.join(LogStash::Environment::LOGSTASH_HOME, "data")),

diff --git a/logstash-core/lib/logstash/runner.rb b/logstash-core/lib/logstash/runner.rb
@@ -480,7 +480,8 @@ def execute
   def running_as_superuser
     if Process.euid() == 0
       if setting("allow_superuser")
-        deprecation_logger.deprecated("NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases.")
+        logger.warn("NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk. " +
+                      "It is strongly recommended to set 'allow_superuser' to false.")
       else
         raise(RuntimeError, "Logstash cannot be run as superuser.")
       end

diff --git a/logstash-core/spec/logstash/runner_spec.rb b/logstash-core/spec/logstash/runner_spec.rb
@@ -704,7 +704,7 @@
       it "runs successfully with warning message" do
         LogStash::SETTINGS.set("allow_superuser", true)
         expect(logger).not_to receive(:fatal)
-        expect(deprecation_logger_stub).to receive(:deprecated).with(/NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases./)
+        expect(logger).to receive(:warn).with(/NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk./)
         expect { subject.run(args) }.not_to raise_error
       end
     end
@@ -716,7 +716,7 @@
       it "runs successfully without any messages" do
         LogStash::SETTINGS.set("allow_superuser", false)
         expect(logger).not_to receive(:fatal)
-        expect(deprecation_logger_stub).not_to receive(:deprecated).with(/NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases./)
+        expect(logger).not_to receive(:warn).with(/NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk./)
         expect { subject.run(args) }.not_to raise_error
       end
     end