Skip to content

Commit

Permalink
NETOBSERV-1245: NETOBSERV-1304: to enable DNS we no longer require pr…
Browse files Browse the repository at this point in the history
…ivileged to be true (#464)

Signed-off-by: Mohamed Mahmoud <[email protected]>
  • Loading branch information
msherif1234 authored Oct 25, 2023
1 parent b7711f0 commit fdc02ce
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 6 deletions.
4 changes: 2 additions & 2 deletions controllers/ebpf/agent_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -206,9 +206,9 @@ func (c *AgentController) desired(ctx context.Context, coll *flowslatest.FlowCol
volumeMounts = append(volumeMounts, volumeMount)
}

if helper.IsFeatureEnabled(&coll.Spec.Agent.EBPF, flowslatest.PacketDrop) || helper.IsFeatureEnabled(&coll.Spec.Agent.EBPF, flowslatest.DNSTracking) {
if helper.IsFeatureEnabled(&coll.Spec.Agent.EBPF, flowslatest.PacketDrop) {
if !coll.Spec.Agent.EBPF.Privileged {
rlog.Error(fmt.Errorf("invalid configuration"), "To use PacketsDrop and/or DNSTracking feature(s) privileged mode needs to be enabled")
rlog.Error(fmt.Errorf("invalid configuration"), "To use PacketsDrop feature privileged mode needs to be enabled")
} else {
volume := corev1.Volume{
Name: bpfTraceMountName,
Expand Down
5 changes: 1 addition & 4 deletions pkg/helper/flowcollector.go
Original file line number Diff line number Diff line change
Expand Up @@ -268,10 +268,7 @@ func IsPktDropEnabled(spec *flowslatest.FlowCollectorEBPF) bool {
}

func IsDNSTrackingEnabled(spec *flowslatest.FlowCollectorEBPF) bool {
if IsPrivileged(spec) && IsFeatureEnabled(spec, flowslatest.DNSTracking) {
return true
}
return false
return IsFeatureEnabled(spec, flowslatest.DNSTracking)
}

func IsFlowRTTEnabled(spec *flowslatest.FlowCollectorEBPF) bool {
Expand Down

0 comments on commit fdc02ce

Please sign in to comment.