elastic / apm-server

https://www.elastic.co/guide/en/apm/guide/current/index.html

Some subcommands can be executed with any user in deb/rpm installs #2018

Closed jalvz closed 5 years ago

jalvz commented 5 years ago

Maybe this has been discussed before and it is OK, but in Linux packaged installs some subcommands can be run as any user: apm-server version, apm-server test, apm-server export

... while others require the right user:

sudo -u apm-server apm-server test config, sudo -u apm-server apm-server setup, sudo -u apm-server apm-server

graphaelli commented 5 years ago

All subcommands that require reading the configuration file seem to be enforcing the permissions check. version, test and export with no arguments don't read the configuration so I think it's ok that they don't throw an error. I think a good rule of thumb is any command that when run with strict.perms=false still has a problem, like:

apm-server keystore add --strict.perms=false
error initializing beat: error loading config file: open /etc/apm-server/apm-server.yml: permission denied

should also have a problem with strict.perms=true in the same way.

apm-server keystore add 
error initializing beat: error loading config file: config file ("/etc/apm-server/apm-server.yml") must be owned by the beat user (uid=501) or root

Leaving this open in case you want to discuss further but I think it can be closed if you agree.
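
The rule of thumb above (a command that fails with strict.perms=false must fail the same way with strict.perms=true) can be illustrated with a small ownership check. The following is an added example written for this page; it is not apm-server or libbeat code. The function name checkConfigOwnership, the sentinel errors and the sample config file are assumptions; the behaviour it models is the one visible in the two runs quoted in the comment: in strict mode the owner (beat user or root) is checked on the stat result before the file is opened, so an unreadable file fails with the ownership message rather than "permission denied". libbeat's strict check additionally rejects a config that is writable by group or others, which is included here too.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"syscall"
)

// Sentinel errors so callers (and tests) can tell the failure modes apart.
// Hypothetical names, not libbeat's.
var (
	ErrBadOwner = errors.New("config file must be owned by the beat user or root")
	ErrBadMode  = errors.New("config file must not be writable by group or others")
)

// checkConfigOwnership is a hypothetical stand-in for the strict-permissions
// check discussed in the thread. With strict=true the file must be owned by
// beatUID or root (uid 0) and must not be group/world writable; this runs on
// the stat result before any open, so it fails identically whether or not the
// calling user can read the file. With strict=false only the open is attempted,
// which is why the non-strict run in the thread ends in "permission denied".
func checkConfigOwnership(path string, beatUID int, strict bool) error {
	if strict {
		info, err := os.Stat(path)
		if err != nil {
			return fmt.Errorf("error loading config file: %w", err)
		}
		st, ok := info.Sys().(*syscall.Stat_t)
		if !ok {
			return errors.New("ownership check not supported on this platform")
		}
		owner := int(st.Uid)
		if owner != beatUID && owner != 0 {
			return fmt.Errorf("config file (%q) must be owned by the beat user (uid=%d) or root, found uid=%d: %w",
				path, beatUID, owner, ErrBadOwner)
		}
		if info.Mode().Perm()&0o022 != 0 {
			return fmt.Errorf("config file (%q) has permissions %v: %w", path, info.Mode().Perm(), ErrBadMode)
		}
	}
	f, err := os.Open(path)
	if err != nil {
		return fmt.Errorf("error loading config file: %w", err)
	}
	return f.Close()
}

func main() {
	dir, err := os.MkdirTemp("", "apm-perms-demo")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)

	// Constructed sample config, written owner-only (0600) and owned by the current user.
	cfg := filepath.Join(dir, "apm-server.yml")
	if err := os.WriteFile(cfg, []byte("apm-server:\n  host: \"localhost:8200\"\n"), 0o600); err != nil {
		panic(err)
	}

	me := os.Geteuid()
	fmt.Println("own file, strict:       ", checkConfigOwnership(cfg, me, true))
	// Fails unless this demo itself runs as root, since root ownership is always accepted.
	fmt.Println("other beat uid, strict: ", checkConfigOwnership(cfg, me+1, true))

	// Loosen the mode: strict mode now rejects the file although it is still readable.
	if err := os.Chmod(cfg, 0o664); err != nil {
		panic(err)
	}
	fmt.Println("group-writable, strict: ", checkConfigOwnership(cfg, me, true))
	fmt.Println("group-writable, lax:    ", checkConfigOwnership(cfg, me, false))

	// A missing file fails both ways, with the open error.
	missing := filepath.Join(dir, "missing.yml")
	fmt.Println("missing, lax:           ", checkConfigOwnership(missing, me, false))
}
```

Checking on the stat result rather than after opening is what makes the two modes fail "in the same way": a subcommand that cannot open the file as the invoking user still gets the ownership error in strict mode instead of leaking a different error path.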

jalvz commented 5 years ago

I'm fine closing; the asymmetry only bugged me given that unauthenticated requests to '/' do not return version info.