Hi!
It looks like when importing os/exec and using it to spawn command, on linux amd64, it fails with an Operation not permitted.
This is a code sample https://play.golang.com/p/kriZT9RpYlr that you should be able to reproduce after loading the beater from main.
I used a docker container on the alpine image after installing musl-dev, git, go
If I remove the import github.com/elastic/beats/libbeats/beat with the same os/exec it works. I suspect, there is a vendored library that is messing something.
The issue is located here:
[pid 27396] syscall_18446744073709551615(0xc000032160, 0xc00002e230, 0xc00045e0b0, 0, 0, 0) = -1 (errno 1)
[pid 27396] write(9, "\1\0\0\0\0\0\0\0", 8) = 8
[pid 27396] exit(253) = ?
[pid 27396] +++ exited with 253 +++
if I systrace it but I don't know how to dig further.
Let me know how I can help, I was trying to upgrade the libbeat for my cmdlinebeat project: https://github.com/tehmoon/cmdlinebeat
Regards,