[Reporting] Switch Serverside Config Wrapper to NP (#62500)

* New config * fix translations json * add csv.useByteOrderMarkEncoding to schema * imports cleanup * restore "get default chromium sandbox disabled" functionality * integrate getDefaultChromiumSandboxDisabled * fix tests * --wip-- [skip ci] * add more schema tests * diff prettiness * trash legacy files that moved to NP * create_config tests * Hoist create_config * better disableSandbox tests * fix ts * fix export * fix bad code * make comments better * fix i18n * comment * automatically setting... logs * replace log_configuration * fix lint * This is f2 * improve startup log about sandbox info * update docs with log reference * revert log removal Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
elastic · Apr 15, 2020 · f4c81b4 · f4c81b4
1 parent 23e3f1a
commit f4c81b4
Show file tree

Hide file tree

Showing 28 changed files with 709 additions and 842 deletions.
diff --git a/docs/user/reporting/chromium-sandbox.asciidoc b/docs/user/reporting/chromium-sandbox.asciidoc
@@ -11,12 +11,12 @@ sandboxing techniques differ for each operating system.
 The Linux sandbox depends on user namespaces, which were introduced with the 3.8 Linux kernel. However, many
 distributions don't have user namespaces enabled by default, or they require the CAP_SYS_ADMIN capability. {reporting}
 will automatically disable the sandbox when it is running on Debian and CentOS as additional steps are required to enable
-unprivileged usernamespaces. In these situations, you'll see the following message in your {kib} logs:
-`Enabling the Chromium sandbox provides an additional layer of protection`.
+unprivileged usernamespaces. In these situations, you'll see the following message in your {kib} startup logs:
+`Chromium sandbox provides an additional layer of protection, but is not supported for your OS.
+Automatically setting 'xpack.reporting.capture.browser.chromium.disableSandbox: true'.`
 
-If your kernel is 3.8 or newer, it's
-recommended to enable usernamespaces and set `xpack.reporting.capture.browser.chromium.disableSandbox: false` in your
-`kibana.yml` to enable the sandbox.
+Reporting will automatically enable the Chromium sandbox at startup when a supported OS is detected. However, if your kernel is 3.8 or newer, it's
+recommended to set `xpack.reporting.capture.browser.chromium.disableSandbox: false` in your `kibana.yml` to explicitly enable usernamespaces.
 
 ==== Docker
 When running {kib} in a Docker container, all container processes are run within a usernamespace with seccomp-bpf and