-
Bug
-
Resolution: Done-Errata
-
None
-
Quality / Stability / Reliability
-
False
-
-
False
-
NoActiveCustomerTickets
-
CLOSED
-
-
-
Moderate
-
No
Description of problem:
A regular user cannot use "virtctl ssh" to connect to a VM:
~~~
$ virtctl ssh --username=cloud-user rhel9-casual-cat
can't access VMI rhel9-casual-cat: virtualmachineinstances.subresources.kubevirt.io "rhel9-casual-cat" is forbidden: User "jorti" cannot get resource "virtualmachineinstances/portforward" in API group "subresources.kubevirt.io" in the namespace "jorti"
~~~
Version-Release number of selected component (if applicable):
OpenShift Virtualization 4.11.2
How reproducible:
Always
Steps to Reproduce:
1. Using a regular user with admin privileges in a project, try to connect to a VM:
$ virtctl ssh --username=cloud-user rhel9-casual-cat
Actual results:
can't access VMI rhel9-casual-cat: virtualmachineinstances.subresources.kubevirt.io "rhel9-casual-cat" is forbidden: User "jorti" cannot get resource "virtualmachineinstances/portforward" in API group "subresources.kubevirt.io" in the namespace "jorti"
Expected results:
No errors
Additional info:
It looks like a fix for this has been already merged upstream:
https://github.com/kubevirt/kubevirt/pull/7675
- external trackers
- links to