Skip to content

fix: disable Windows permission inheritance to resolve OSQuery extension loading issues #10199

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

fix: disable Windows permission inheritance to resolve OSQuery extension loading issues #10199

wants to merge 1 commit into from

Conversation

marc-gr
Copy link
Contributor

@marc-gr marc-gr commented Sep 29, 2025
edited
Loading

What does this PR do?

disable Windows permission inheritance

Why is it important?

It resolves OSQuery extension loading issues

Checklist

  • I have read and understood the pull request guidelines of this project.
  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in ./changelog/fragments using the changelog tool
  • I have added an integration test or an E2E test

Disruptive User Impact

How to test this PR locally

Related issues

@marc-gr marc-gr requested a review from a team as a code owner September 29, 2025 12:10
@marc-gr marc-gr added bug Something isn't working Team:Security-Windows Platform Team:Security-Windows Platform labels Sep 29, 2025
@marc-gr
Copy link
Contributor Author

marc-gr commented Sep 29, 2025

not sure where we might want to backport this one @cmacknz

@mergify Mergify
Copy link
Contributor

mergify bot commented Sep 29, 2025

This pull request does not have a backport label. Could you fix it @marc-gr? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-./d./d is the label that automatically backports to the 8./d branch. /d is the digit
  • backport-active-all is the label that automatically backports to all active branches.
  • backport-active-8 is the label that automatically backports to all active minor branches for the 8 major.
  • backport-active-9 is the label that automatically backports to all active minor branches for the 9 major.

@marc-gr marc-gr mentioned this pull request Sep 29, 2025
Open
@marc-gr marc-gr added the ci:extended-windows Enable the extended windows stage in the CI label Sep 29, 2025
@elasticmachine
Copy link
Collaborator

elasticmachine commented Sep 29, 2025
edited
Loading

💔 Build Failed

Failed CI Steps

History

cc @marc-gr

blakerouse
blakerouse reviewed Sep 29, 2025
View reviewed changes
Copy link
Contributor

@blakerouse blakerouse left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This still has the issue of not working. If a user goes all the way into the components directory (Windows will update the permissions of that directory), it will still fail to run. This is only reducing the chance that it happens and not actually fixing the issue.

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate failed Quality Gate failed

Failed conditions
0.0% Coverage on New Code (required ≥ 40%)

See analysis details on SonarQube

@marc-gr
Copy link
Contributor Author

marc-gr commented Sep 30, 2025

This still has the issue of not working. If a user goes all the way into the components directory (Windows will update the permissions of that directory), it will still fail to run. This is only reducing the chance that it happens and not actually fixing the issue.

as discussed I'll close this one and implement this on osquerybeat instead

@marc-gr marc-gr closed this Sep 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blakerouse blakerouse blakerouse left review comments

@straistaru straistaru Awaiting requested review from straistaru straistaru is a code owner automatically assigned from elastic/elastic-agent-control-plane

@michalpristas michalpristas Awaiting requested review from michalpristas

Assignees

@marc-gr marc-gr

Labels
bug Something isn't working ci:extended-windows Enable the extended windows stage in the CI Team:Security-Windows Platform Team:Security-Windows Platform
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@marc-gr @elasticmachine @blakerouse