Disable permission flag checks on imported logs#86
Merged
lisaSW merged 2 commits intohotfix/import_logicfrom Dec 9, 2025
Merged
Disable permission flag checks on imported logs#86lisaSW merged 2 commits intohotfix/import_logicfrom
lisaSW merged 2 commits intohotfix/import_logicfrom
Conversation
lisaSW
added a commit
that referenced
this pull request
Jan 21, 2026
* Disable permission flag checks on imported logs (#86) * Disable permission flag checks on imported logs * Display individual log errors even if there are no viable logs --------- Co-authored-by: Naomi Kramer <naomi@activecountermeasures.com> * Installer Import Logic Updates (#89) * rename sshprep to sshprep.sh * installer updates removed mass upgrades, cleaned up installer, removed references to unsupported OS's, improved error handling and usage messages * threat intel feed error handling * cleaned up installer scripts and improved helper functions * Update ansible-installer.sh --------- Co-authored-by: Naomi Kramer <naomi@activecountermeasures.com>
lisaSW
added a commit
that referenced
this pull request
Jan 21, 2026
* Install Ansible with Pipx (#84) * Install Ansible using pipx instead of Linux package manager * Prepend ~/.local/bin to path if not present (needed on Ubuntu to find pipx-installed Ansible) * Install pipx in a virtual environment to avoid PEP 668 issues * Pin ansible-core version 2.15.3 to avoid deprecation warnings and breaking syntax changes * Pin ansible-core 2.15.13, force installation * Disable permission flag checks on imported logs (#82) * Disable permission flag checks on imported logs * Display individual log errors even if there are no viable logs * Revert "Disable permission flag checks on imported logs (#82)" (#85) This reverts commit fd1bbe3. * Update README.md * Installer and Import Logic Updates (#90) * Disable permission flag checks on imported logs (#86) * Disable permission flag checks on imported logs * Display individual log errors even if there are no viable logs --------- Co-authored-by: Naomi Kramer <naomi@activecountermeasures.com> * Installer Import Logic Updates (#89) * rename sshprep to sshprep.sh * installer updates removed mass upgrades, cleaned up installer, removed references to unsupported OS's, improved error handling and usage messages * threat intel feed error handling * cleaned up installer scripts and improved helper functions * Update ansible-installer.sh --------- Co-authored-by: Naomi Kramer <naomi@activecountermeasures.com> --------- Co-authored-by: Naomi Kramer <naomi@activecountermeasures.com> Co-authored-by: Liza Tsibur <liza@activecountermeasures.com> Co-authored-by: Keith Chew <40710037+mrkeithchew@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes: #30
The existing permission flag checks:
info.Mode().Perm()&0444 == 0444requires global read permissions (user, group, others), which is not ideal. While we could check if any read permissions are set, some ACL systems/SELinux might interfere with this. It's better to let the Open() call on the log files return an error if permission is denied.This PR removes the permission flag checks.