[Heartbeat] Fix docs around ICMP sysctl settings (elastic#35285)

We really only test against / have confirmed this working well with `setcap`. This PR updates the docs to reflect our recommended usage.
kuisathaverat · May 2, 2023 · c0b84e4 · c0b84e4
1 parent 433a1a1
commit c0b84e4
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/heartbeat/docs/monitors/monitor-icmp.asciidoc b/heartbeat/docs/monitors/monitor-icmp.asciidoc
@@ -9,8 +9,9 @@ must execute Heartbeat with elevated permissions to perform ICMP pings.
 
 On Linux, regular users may perform pings if the right file capabilities are set. Run
 `sudo setcap cap_net_raw+eip /path/to/heartbeat` to  grant {beatname_uc} ping capabilities on Linux.
-Alternatively, one may grant ping permissions to the user {beatname_uc} runs as. To grant ping permissions
-in this way, run `sudo sysctl -w net.ipv4.ping_group_range='myuserid myuserid'`.
+
+The binary has the correct capabilities already set on the container image, however your container runtime
+must allow the use of these privileges for them to be used. On docker this can be achieved with `--cap-add=NET_RAW`.
 
 Other platforms may require {beatname_uc} to run as root or administrator to execute pings.