Bug 1987262
| Summary: | unprivileged client fails to get guest agent data | ||
|---|---|---|---|
| Product: | Container Native Virtualization (CNV) | Reporter: | Ruth Netser <rnetser> |
| Component: | Virtualization | Assignee: | Roman Mohr <rmohr> |
| Status: | CLOSED ERRATA | QA Contact: | Israel Pinto <ipinto> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 2.6.6 | CC: | cnv-qe-bugs, ipinto, kbidarka, rmohr, sgott, vsibirsk, zpeng |
| Target Milestone: | --- | ||
| Target Release: | 2.6.7 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | virt-operator-container-v2.6.7-6 hco-bundle-registry-container-v2.6.7-40 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 1985719 | Environment: | |
| Last Closed: | 2021-10-05 17:35:42 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1985719, 1997017 | ||
| Bug Blocks: | |||
|
Comment 1
Kedar Bidarkar
2021-08-25 13:32:52 UTC
verify with build
HCO:[v2.6.7-41]
step:
1. prepare a vm with guest agent installed
2. create unprivilege user with clusterrole
$ cat role.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: my-custom-rbac-role
labels:
kubevirt.io: ""
rules:
- apiGroups:
- subresources.kubevirt.io
resources:
- virtualmachineinstances/console
- virtualmachineinstances/guestosinfo
verbs:
- get
- apiGroups:
- kubevirt.io
resources:
- virtualmachineinstances
- virtualmachines
- virtualmachineinstancepresets
- virtualmachineinstancereplicasets
verbs:
- get
- list
- watch
3. login with unprivilege user
$ oc whoami
redhat
4. check vm guest info
$ virtctl guestosinfo vm-rhel
{
"guestAgentVersion": "6.1.0",
"supportedCommands": [
{
"name": "guest-ssh-remove-authorized-keys",
"enabled": true
},
{
"name": "guest-ssh-add-authorized-keys",
"enabled": true
},
{
"name": "guest-ssh-get-authorized-keys",
"enabled": true
},
{
"name": "guest-get-devices"
},
{
"name": "guest-get-osinfo",
"enabled": true
},
{
"name": "guest-get-timezone",
"enabled": true
},
{
"name": "guest-get-users",
"enabled": true
},
{
"name": "guest-get-host-name",
"enabled": true
},
{
"name": "guest-exec"
},
{
"name": "guest-exec-status"
},
{
"name": "guest-get-memory-block-info",
"enabled": true
},
{
"name": "guest-set-memory-blocks",
"enabled": true
},
{
"name": "guest-get-memory-blocks",
"enabled": true
},
{
"name": "guest-set-user-password",
"enabled": true
},
{
"name": "guest-get-fsinfo",
"enabled": true
},
{
"name": "guest-get-disks",
"enabled": true
},
{
"name": "guest-set-vcpus",
"enabled": true
},
{
"name": "guest-get-vcpus",
"enabled": true
},
{
"name": "guest-network-get-interfaces",
"enabled": true
},
{
"name": "guest-suspend-hybrid",
"enabled": true
},
{
"name": "guest-suspend-ram",
"enabled": true
},
{
"name": "guest-suspend-disk",
"enabled": true
},
{
"name": "guest-fstrim",
"enabled": true
},
{
"name": "guest-fsfreeze-thaw",
"enabled": true
},
{
"name": "guest-fsfreeze-freeze-list",
"enabled": true
},
{
"name": "guest-fsfreeze-freeze",
"enabled": true
},
{
"name": "guest-fsfreeze-status",
"enabled": true
},
{
"name": "guest-file-flush"
},
{
"name": "guest-file-seek"
},
{
"name": "guest-file-write"
},
{
"name": "guest-file-read"
},
{
"name": "guest-file-close"
},
{
"name": "guest-file-open"
},
{
"name": "guest-shutdown",
"enabled": true
},
{
"name": "guest-info",
"enabled": true
},
{
"name": "guest-set-time",
"enabled": true
},
{
"name": "guest-get-time",
"enabled": true
},
{
"name": "guest-ping",
"enabled": true
},
{
"name": "guest-sync",
"enabled": true
},
{
"name": "guest-sync-delimited",
"enabled": true
}
],
"hostname": "vm-rhel",
"os": {
"name": "Red Hat Enterprise Linux",
"kernelRelease": "4.18.0-343.el8.x86_64",
"version": "8.6 (Ootpa)",
"prettyName": "Red Hat Enterprise Linux 8.6 Beta (Ootpa)",
"versionId": "8.6",
"kernelVersion": "#1 SMP Thu Sep 16 18:45:53 EDT 2021",
"machine": "x86_64",
"id": "rhel"
},
"timezone": "EDT, -14400",
"fsInfo": {
"disks": [
{
"diskName": "vdb2",
"mountPoint": "/boot/efi",
"fileSystemType": "vfat",
"usedBytes": 6006784,
"totalBytes": 104634368
},
{
"diskName": "vdb3",
"mountPoint": "/",
"fileSystemType": "xfs",
"usedBytes": 2047205376,
"totalBytes": 21357375488
}
]
}
}
move to verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Low: OpenShift Virtualization 2.6.7 Images security and bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3733 |