Description of problem:
Unable to run auditd on OpenShift.
When running auditd with docker, it runs well. When trying to apply the same configuration in OpenShift, the pod goes into CrashLoopBackOff with the error:

    config_manager init complete
    Error sending status request (Connection refused)
    Error sending enable request (Connection refused)
    Unable to set initial audit startup state to 'enable', exiting
    The audit daemon is exiting.
    Error setting audit daemon pid (Connection refused)

You can find the Dockerfile here: https://github.com/ndox/docker-auditd

Version-Release number of selected component (if applicable):
OpenShift Enterprise 3.2.0

How reproducible:
On customer side

Steps to Reproduce:
1. Mentioned in the description
2.
3.

Actual results:
auditd doesn't work on OpenShift

Expected results:
auditd shall work on OpenShift

Additional info:
Adding those lines to the DC makes it work:

    spec:
      hostPID: true
      hostIPC: true
      hostNetwork: true

I didn't find any documentation on it. Maybe the documentation could be updated with these elements. Maybe you can close the bug and update the documentation?
@Nicolas: happy to update docs if necessary. Where were you expecting to find this in the documentation? It is mentioned that SCC can be used to control access to the fields in https://docs.openshift.org/latest/architecture/additional_concepts/authorization.html#security-context-constraints and the specific fields are part of the API documentation. However, since usage of those fields is pretty use-case dependent, I'm not sure that there is a great place for it.
Yes, OK, my bad, I didn't go to the API part. In fact, when doing a search in the search bar on the documentation site (for example "IPC"), you didn't get a result pointing to the API pages. I think you can close this issue. Thanks
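
An added example, not part of the bug report or of OpenShift's own code: a check that lists which of the host-namespace fields from the comments above a DeploymentConfig requests, and which of them a given SCC would not allow. The sample DeploymentConfig and SCC objects are constructed, and the function names are hypothetical.

```python
# Pod-spec host-namespace fields and the SCC field that must be true to allow each.
HOST_FIELDS = {"hostPID": "allowHostPID", "hostIPC": "allowHostIPC",
               "hostNetwork": "allowHostNetwork"}


def pod_spec(obj):
    """Pod spec of a Pod, or of a templated object such as a DeploymentConfig."""
    spec = obj.get("spec") or {}
    if obj.get("kind") == "Pod":
        return spec
    return (spec.get("template") or {}).get("spec") or {}


def requested(obj):
    """Host-namespace fields the pod spec sets to true."""
    ps = pod_spec(obj)
    return sorted(f for f in HOST_FIELDS if ps.get(f) is True)


def misplaced(obj):
    """Fields set on a templated object's top-level spec, which is not the pod spec."""
    if obj.get("kind") == "Pod":
        return []
    top = obj.get("spec") or {}
    return sorted(f for f in HOST_FIELDS if f in top)


def denied(obj, scc):
    """Requested fields that the given SCC does not allow."""
    return [f for f in requested(obj) if scc.get(HOST_FIELDS[f]) is not True]


# Constructed sample objects (shape of `oc get ... -o json`), not from the bug report.
AUDITD_DC = {"kind": "DeploymentConfig", "metadata": {"name": "auditd"},
             "spec": {"replicas": 1, "template": {"spec": {
                 "hostPID": True, "hostIPC": True, "hostNetwork": True,
                 "containers": [{"name": "auditd", "image": "example/auditd"}]}}}}
NO_HOST_SCC = {"kind": "SecurityContextConstraints",
               "metadata": {"name": "example-no-host"},
               "allowHostPID": False, "allowHostIPC": False, "allowHostNetwork": False}
HOST_SCC = dict(NO_HOST_SCC, metadata={"name": "example-host"},
                allowHostPID=True, allowHostIPC=True, allowHostNetwork=True)

if __name__ == "__main__":
    for scc in (NO_HOST_SCC, HOST_SCC):
        print(scc["metadata"]["name"], "denies:", denied(AUDITD_DC, scc))
    print("misplaced:", misplaced(AUDITD_DC))
```

Run against the JSON of every DeploymentConfig in a project, the same check gives a quick inventory of workloads that share the node's PID, IPC or network namespace.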