runAsContext:
  - userName: root
    groupName: root
    gid: 0
    uid: 0
    description: Netdata runs as root user.
capabilities:
  - name: CHOWN
    description: Netdata is able to chown files.
  - name: FOWNER
    description: Netdata is able to bypass permission checks for it's sub-processes.
  - name: SYS_CHROOT
    description: Netdata is able to use chroot.
  - name: MKNOD
    description: Netdata is able to create device nodes.
  - name: DAC_OVERRIDE
    description: Netdata is able to bypass permission checks.
  - name: FSETID
    description: Netdata is able to set file capabilities.
  - name: KILL
    description: Netdata is able to kill processes.
  - name: SETGID
    description: Netdata is able to set group ID for it's sub-processes.
  - name: SETUID
    description: Netdata is able to set user ID for it's sub-processes.
  - name: SETPCAP
    description: Netdata is able to set process capabilities.
  - name: NET_BIND_SERVICE
    description: Netdata is able to bind to privileged ports.
  - name: NET_RAW
    description: Netdata is able to use raw sockets.
  - name: SETFCAP
    description: Netdata is able to set file capabilities.
  - name: PTRACE
    description: Netdata is able to trace processes.
  - name: AUDIT_WRITE
    description: Netdata is able to write to audit log.
hostMounts:
  - hostPath: /etc/os-release
    description: Required to read the OS release information.
  - hostPath: /etc/passwd
    description: Required to read the user information.
  - hostPath: /etc/group
    description: Required to read the group information.
  - hostPath: /proc
    description: Required to read the processes information.