Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-1668

Debug Container not able to run due to missing permissions of setting pod finalizers

XMLWordPrintable

    • Low
    • None
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      Customer cannot use "Debug Container" UI function to debug pods crashbackloop errors

      Version-Release number of selected component (if applicable):

      OCP 4

      How reproducible:

      When the cloning debug pod was not created by the original pod owner, they will get an error of "pods 'myacc-eos-batch-3-srflj-debug-l2h6w' is forbidden: cannot set blockOwnerDeletion if an ownerReference refers to a resource you can't set finalizers on: , <nil>"

      Steps to Reproduce:

      1. Create a pod (crashloop) by user1
2. Switch to user 2 to run "Debug Container" function from Console UI

      Actual results:

      The debug pod will not launch from the console and showing an error of "cannot set blockOwnerDeletion if an ownerReference refers to a resource you can't set finalizers on: , <nil>"

      Expected results:

      The debug pod can be excuted succesfully regardless the ownerReferences permissions

      Additional info:

       

              cbremble@redhat.com Claire Bremble
              taxu@redhat.com Tao Xu (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 hour
                  1h