Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-10141

Run Manila pod components at minimum privilege escalation level

XMLWordPrintable

    • Run Manila pod components at minimum privilege escalation level
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected
    • Committed
    • No Docs Impact
    • To Do
    • manila-operator-container-1.0.4-4
    • manila-operator-container-1.0.4-4
    • Proposed
    • Proposed
    • 0% To Do, 0% In Progress, 100% Done

      Currently Manila services are executed using root user. This brings security concerns other than violating most of the security context requirements.
      When possible, move Pods to run services (Manila API, Scheduler, Share and related jobs) as Manila user/group.

              fpantano@redhat.com Francesco Pantano
              fpantano@redhat.com Francesco Pantano
              Francesco Pantano Francesco Pantano
              rhos-dfg-storage-squad-manila
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: