Open kravciak opened 11 months ago
This is still prevalent in rancher 2.8.2. Just enabling priviledged as true is not enough and require manual yaml editing. Rancher v2.8.2 Dashboard v2.8.0 Helm v2.16.8-rancher2 Machine v0.15.0-rancher106 Cluster RKE2 : v1.27.12+rke2r1
Rancher Server Setup
Describe the bug
When I select
privileged: true
on pod securityContext thenallowPrivilegeEscalation
option hides in UI but is still present in YAML asfalse
. This combination is not valid. Whenprivileged: true
thenallowPrivilegeEscalation
has to be alsotrue
.To Reproduce
Workloads->Pods->Create
Security Context tab
(Default values are:Privileged: No
,Privilege Escalation: No
)Privileged: Yes
(Privilege Escalation disappears)Edit as Yaml
This combination is wrong as described in kubernetes doc:
To see error message in UI install kubewarden 1.7.0 with recommended policies in monitor mode.
Result
Problem is obvious when I enable kubewarden, it prevents pod creation (in both monitor / protect modes) with following error:
After I switch back to
privileged: No
then Privilege Escalation is switched toYes
(both UI and YAML).Expected Result
When I select
Privileged: Yes
thenPrivilege Escalation
is:Screenshots