Open travier opened 3 years ago
openshift-bot
commented
3 years ago Issues go stale after 90d of inactivity.
Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.
If this issue is safe to close now please do so with /close.
/lifecycle stale
travier
commented
3 years ago /remove-lifecycle stale
travier
commented
3 years ago We encountered this issue again in https://bugzilla.redhat.com/show_bug.cgi?id=1924926. Can I get an initial review? Should I start working on it?
openshift-bot
commented
3 years ago Issues go stale after 90d of inactivity.
Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.
If this issue is safe to close now please do so with /close.
/lifecycle stale
travier
commented
3 years ago /remove-lifecycle stale
openshift-bot
commented
3 years ago Issues go stale after 90d of inactivity.
Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.
If this issue is safe to close now please do so with /close.
/lifecycle stale
travier
commented
3 years ago /remove-lifecycle stale /lifecycle frozen We really should be doing that at some point or figuring out a way out (via an SSH proxy for example) so marking as frozen.
codespearhead
commented
5 months ago According to Daniel Walsh 2020-05-29 17:41:48 UTC, the source problem was fixed in container-selinux v2.135.0.
Should this issue be closed then?
travier
commented
5 months ago The last time I check, it wasn't fixed. I had made: https://github.com/openshift/oc/pull/842
The SELinux policy has been changed to allow container runtimes to create unconfined container for host debugging (BZ#1839065) instead of using the
spc_tsemi-restricted context that leads to weird error cases (BZ#1896369).This is released with RHSA-2020:3053.
For OCP, this can be enabled starting with 4.6 as it includes the fixed SELinux policy in the release image. For OKD, this can be enabled starting with 4.6 as Fedora CoreOS has included the fix for a while.