Fix wrong binary for setting capabilities (#5070)

Since we transitioned to `agentbeat` we now need to use `setcap` on a different binary.
elastic · Jul 5, 2024 · e46bc35 · e46bc35
1 parent 7476517
commit e46bc35
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/changelog/fragments/1720195309-add-agentbeat-capabilities.yaml b/changelog/fragments/1720195309-add-agentbeat-capabilities.yaml
@@ -0,0 +1,3 @@
+kind: bug-fix
+summary: Use setcap on a correct agentbeat binary
+component: "elastic-agent"
diff --git a/dev-tools/packaging/templates/docker/Dockerfile.elastic-agent.tmpl b/dev-tools/packaging/templates/docker/Dockerfile.elastic-agent.tmpl
@@ -144,7 +144,7 @@ RUN mkdir /app && \
 {{- end }}
 
 # Keep this after any chown command, chown resets any applied capabilities
-RUN setcap cap_net_raw,cap_setuid+p {{ $beatHome }}/data/elastic-agent-{{ commit_short }}/components/heartbeat && \
+RUN setcap cap_net_raw,cap_setuid+p {{ $beatHome }}/data/elastic-agent-{{ commit_short }}/components/agentbeat && \
 {{- if .linux_capabilities }}
 # Since the beat is stored at the other end of a symlink we must follow the symlink first
 # For security reasons setcap does not support symlinks. This is smart in the general case
@@ -240,4 +240,3 @@ RUN echo -e '#!/bin/sh\nexec /usr/local/bin/docker-entrypoint' > /app/apm.sh &&
 {{- else }}
 ENTRYPOINT ["/usr/bin/tini", "--", "/usr/local/bin/docker-entrypoint"]
 {{- end }}
-