-
Bug
-
Resolution: Unresolved
-
Major
-
4.20
-
None
Description of problem:
A pod with label :::s0:c0,c2 should conflicts with a pod with label ::: (or ""). Kubernetes does not report such a conflict.
How reproducible:
always
Steps to Reproduce:
1. Run two pods sharing the same PVC, one with spec.securityContext.seLinuxOptions.level = "s0:c0,c2" and the second one with `nil`. Make sure it's not defaulted by SCC, e.g. by running the second pod as privileged.
Actual results:
`oc describe pod` does not show any event about SELinux conflict
Expected results:
`oc describe pod` shows a conflict
Additional info:
- blocks
-
OCPBUGS-61197 [4.20] SELinux warning controller does not report conflicts with ""
-
- Verified
-
- is cloned by
-
OCPBUGS-61197 [4.20] SELinux warning controller does not report conflicts with ""
-
- Verified
-
- links to