-
Notifications
You must be signed in to change notification settings - Fork 84
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to deploy an APB with privileged security context #351
Comments
Initial thoughts are that an APB would specify in their spec whether or not privileged access is needed. |
Note that work on refreshing the ManageIQ APB is waiting on this feature. |
@dymurray has anything changed on this? Can apbs access /root? |
Nothing has changed with this, still a valid issue. APBs can still not be deployed with a |
Could you expand on the use case for this? Why does an APB need to access files in /root/ ? Could the APB's Dockerfile make those files available elsewhere? |
@mhrivnak The intention is more that the APB can declare if it needs elevated permisisons up front so that it is launched in the proper context. I'm unsure if /root/ is a good usecase. It's more about consuming images that weren't meant to be run in the |
Issues go stale after 90d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle stale |
/close |
@jmrodri: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Ability to specify if an APB needs privileged security permissions as opposed to 'restricted' by default
I am unable to provision an APB which accesses files in /root/ on the container
How to reproduce it:
Create an APB and reference a container in the deployment config which requires root access to run the startup binary.
The text was updated successfully, but these errors were encountered: