New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
podman kube play support posix permissions for configmap volumes #19313
Comments
Just tested with 4.6.0 as well. Not implemented. |
Interested in opening a PR? |
A friendly reminder that this issue had no activity for 30 days. |
So this means when it creates the volume it will have 438 mode? |
@ygalblum @umohnani8 Thoughts? |
I'm surprised to learn that it is not supported already |
any update of this request? |
Nope, still waiting for someone to step forward on this, Seems similar to another issue with fsgroup? |
@umohnani8 Interested? |
Kubernetes allows setting default permission for volume, this is to provide similar capability in podman kube play Close containers#19313 Signed-off-by: Vincent Deng <ywdeng@tw.ibm.com>
Kubernetes allows setting default permission for volume, this is to provide similar capability in podman kube play Close containers#19313 Signed-off-by: Vincent Deng <ywdeng@tw.ibm.com>
Feature request description
Kubernetes allows to set specific file permission via the attribute "defaultMode"
https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/volume/
Example Use case:
If one of the containers is started as "non-root" the access to the ConfigMap volume is limited.
Suggest potential solution
According to kubernate's documentation include the feature.
Have you considered any alternatives?
As workaorund you can change the rights via script in advance.
Additional context
Example POD:
The text was updated successfully, but these errors were encountered: