OpenShift Request For Enhancement / RFE-5355

Allow setting `pod.spec.securityContext.fsGroupChangePolicy` value to `OnRootMismatch` per namespace basis


    Description

      1. Proposed title of this feature request

       The `pod.spec.securityContext.fsGroupChangePolicy` value should be `OnRootMismatch` by default.

      2. What is the nature and description of the request?

      Avoid unnecessary recursive file ownership changes. The file ownership change should be conditional: if the permissions and ownership match as expected, then the algorithm should not perform the permission change.

      3. Why does the customer need this? (List the business requirements here)

      In the case of pods using Persistent Volumes with high file counts, the pod fails with CreateContainerError as it takes a long time to perform a recursive file ownership change.

      Since the `pod.spec.securityContext.fsGroupChangePolicy` value is set to `Always` by default, it always performs the permission change even when it is not required.

      4. List any affected packages or components.

      APIServer, Pod, Storage

      Additional Info: The previous RFE was rejected due to the possibility of upstream not accepting it. However, we can still have the customized pod settings on a per namespace basis.

       https://issues.redhat.com/browse/RFE-3313
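
The conditional check described in item 2, as an added Go sketch (not code from this ticket or from Kubernetes): it inspects only the volume root and reports whether the recursive ownership change would still run under each policy. The function name, the `wantPerm` mask and the temporary directory standing in for a volume root are assumptions of this example.

```go
package main

import (
	"fmt"
	"os"
	"syscall"
)

// Assumed for this example: read/write for owner and group, plus search (x) on the root.
const wantPerm = os.FileMode(0660 | 0110)

// NeedsRecursiveChange reports whether mounting the volume at root with the
// given fsGroup would still trigger the recursive ownership/permission walk.
func NeedsRecursiveChange(root string, fsGroup uint32, policy string) (bool, error) {
	if policy != "OnRootMismatch" {
		return true, nil // "Always": every file is visited on every mount
	}
	info, err := os.Stat(root)
	if err != nil {
		return false, err
	}
	st, ok := info.Sys().(*syscall.Stat_t)
	if !ok || !info.IsDir() {
		return true, nil // cannot prove a match, so fall back to the walk
	}
	switch {
	case st.Gid != fsGroup: // root not owned by the pod's fsGroup
		return true, nil
	case info.Mode().Perm()&wantPerm != wantPerm: // group cannot read/write/search
		return true, nil
	case info.Mode()&os.ModeSetgid == 0: // new files would not inherit the group
		return true, nil
	}
	return false, nil // root already matches: skip the walk
}

func main() {
	dir, err := os.MkdirTemp("", "pv-root-") // constructed stand-in for a volume root
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	gid := os.Getgid()
	_ = os.Chown(dir, -1, gid)
	_ = os.Chmod(dir, 0770|os.ModeSetgid)
	for _, p := range []string{"Always", "OnRootMismatch"} {
		need, err := NeedsRecursiveChange(dir, uint32(gid), p)
		fmt.Printf("%-15s recursive change needed: %v (err=%v)\n", p, need, err)
	}
}
```

Because only the root is inspected, files deeper in the volume that were written with a different group are not corrected once the root matches, so the policy suits volumes whose contents are written only through the pod's `fsGroup`.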

          People

            rh-gs-gcharot Gregory Charot
            rhn-support-dpateriy Divyam Pateriya