set allow_superuser to false as default (#16558)

- set allow_superuser as false by default for v9
- change the buildkite image of ruby unit test to non-root

.buildkite/pull_request_pipeline.yml

@@ -22,10 +22,12 @@ steps:
   - label: ":rspec: Ruby unit tests"
     key: "ruby-unit-tests"
     agents:
-      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci"
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
       cpu: "4"
       memory: "8Gi"
       ephemeralStorage: "100Gi"
+      # Run as a non-root user
+      imageUID: "1002"
     retry:
       automatic:
         - limit: 3

docs/static/settings-file.asciidoc

@@ -359,7 +359,7 @@ separating each log lines per pipeline could be helpful in case you need to trou
 
 | `allow_superuser`
 | Setting to `true` to allow or `false` to block running Logstash as a superuser.
-| `true`
+| `false`
 
 | `pipeline.buffer.type`
 | Determine where to allocate memory buffers, for plugins that leverage them.

logstash-core/lib/logstash/environment.rb

@@ -34,7 +34,7 @@ module LogStash
   end
 
   [
-           Setting::Boolean.new("allow_superuser", true),
+           Setting::Boolean.new("allow_superuser", false),
             Setting::String.new("node.name", Socket.gethostname),
     Setting::NullableString.new("path.config", nil, false),
  Setting::WritableDirectory.new("path.data", ::File.join(LogStash::Environment::LOGSTASH_HOME, "data")),

logstash-core/lib/logstash/runner.rb

@@ -456,7 +456,8 @@ class LogStash::Runner < Clamp::StrictCommand
   def running_as_superuser
     if Process.euid() == 0
       if setting("allow_superuser")
-        deprecation_logger.deprecated("NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases.")
+        logger.warn("NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk. " +
+                      "It is strongly recommended to set 'allow_superuser' to false.")
       else
         raise(RuntimeError, "Logstash cannot be run as superuser.")
       end

logstash-core/spec/logstash/runner_spec.rb

@@ -595,7 +595,7 @@ describe LogStash::Runner do
       it "runs successfully with warning message" do
         LogStash::SETTINGS.set("allow_superuser", true)
         expect(logger).not_to receive(:fatal)
-        expect(deprecation_logger_stub).to receive(:deprecated).with(/NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases./)
+        expect(logger).to receive(:warn).with(/NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk./)
         expect { subject.run(args) }.not_to raise_error
       end
     end
@@ -607,7 +607,7 @@ describe LogStash::Runner do
       it "runs successfully without any messages" do
         LogStash::SETTINGS.set("allow_superuser", false)
         expect(logger).not_to receive(:fatal)
-        expect(deprecation_logger_stub).not_to receive(:deprecated).with(/NOTICE: Running Logstash as superuser is not recommended and won't be allowed in the future. Set 'allow_superuser' to 'false' to avoid startup errors in future releases./)
+        expect(logger).not_to receive(:warn).with(/NOTICE: Allowing Logstash to run as superuser is heavily discouraged as it poses a security risk./)
         expect { subject.run(args) }.not_to raise_error
       end
     end