-
Bug
-
Resolution: Not a Bug
-
Minor
-
rhel-9.4
-
None
-
Yes
-
None
-
rhel-sst-security-crypto
-
ssg_security
-
None
-
False
-
-
None
-
None
-
None
-
None
-
None
What were you trying to do that didn't work?
A component of OpenShift is trying to run `update-ca-certificates` using ca-certificates-0-2024.2.69_v8.0.303-91.4.el9_4-noarch, and we are getting permission denied errors.
Please provide the package NVR for which bug is seen:
ca-certificates-0-2024.2.69_v8.0.303-91.4.el9_4-noarch
How reproducible:
Always
Steps to reproduce
Here is how we invoke it: https://github.com/openshift/cluster-image-registry-operator/blob/b745da05603700af8edf5b946a3c7f9dc377c5b6/pkg/resource/podtemplatespec.go#L489
Expected results
Success
Actual results
2024-08-22T06:14:14.743856620Z ln: failed to create symbolic link '/etc/pki/ca-trust/extracted/pem/directory-hash/ca-certificates.crt': Permission denied
We noticed this change seems to be culprit: https://pkgs.devel.redhat.com/git/rpms/ca-certificates/commit/?h=rhel-9.4.0&id=55331c705878ae6b017abc42df3fcd454f1c8a90
- causes
-
OCPBUGS-38842 Image registry unable to run due to permissions error
- Verified
- is related to
-
OCPBUGS-38842 Image registry unable to run due to permissions error
- Verified