-
Bug
-
Resolution: Unresolved
-
Major
-
4.20
-
None
-
Quality / Stability / Reliability
-
False
-
-
None
-
None
-
None
-
None
-
Approved
-
None
-
In Progress
-
Release Note Not Required
-
None
-
None
-
None
-
None
-
None
This is a clone of issue OCPBUGS-60946. The following is the description of the original issue:
—
Description of problem:
A pod with label :::s0:c0,c2 should conflicts with a pod with label ::: (or ""). Kubernetes does not report such a conflict.
How reproducible:
always
Steps to Reproduce:
1. Run two pods sharing the same PVC, one with spec.securityContext.seLinuxOptions.level = "s0:c0,c2" and the second one with `nil`. Make sure it's not defaulted by SCC, e.g. by running the second pod as privileged.
Actual results:
`oc describe pod` does not show any event about SELinux conflict
Expected results:
`oc describe pod` shows a conflict
Additional info:
- clones
-
OCPBUGS-60946 SELinux warning controller does not report conflicts with ""
-
- Verified
-
- is blocked by
-
OCPBUGS-60946 SELinux warning controller does not report conflicts with ""
-
- Verified
-
- links to