Bug 1446510
| Summary: | Upgrading 3.3 to 3.4 Kibana lost permissions to certain indexes | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Miheer Salunke <misalunk> |
| Component: | Logging | Assignee: | Jeff Cantrill <jcantril> |
| Status: | CLOSED DUPLICATE | QA Contact: | Xia Zhao <xiazhao> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 3.4.0 | CC: | aos-bugs, jcantril, juzhao, misalunk, pportant, pweil, rmeggins |
| Target Milestone: | --- | ||
| Target Release: | 3.7.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-09-13 18:49:09 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Comment 1
Miheer Salunke
2017-05-01 05:31:51 UTC
This seems to be the related issue -> https://github.com/openshift/origin-aggregated-logging/issues/360 https://bugzilla.redhat.com/show_bug.cgi?id=1410694 Please correct me if I'm wrong. In https://github.com/openshift/origin-aggregated-logging/issues/360 the issue was attempting to view indices of a project/namespace that has no logs. Can you verify that the customer is getting this error when a non-admin user attempts to view logs for a project that has no logs? Or does the project actually have logs associated with it? https://bugzilla.redhat.com/show_bug.cgi?id=1410694 looks like a different issue If one ordinary(non cluster-admin user) log onto Kibana ops UI, same error with this defect.
Discover: [security_exception] no permissions for indices:data/read/field_stats
OK
Error: [security_exception] no permissions for indices:data/read/field_stats
at respond (https://kibana-ops.0601-4wt.qe.rhcloud.com/bundles/kibana.bundle.js?v=10000:66224:16)
at checkRespForFailure (https://kibana-ops.0601-4wt.qe.rhcloud.com/bundles/kibana.bundle.js?v=10000:66187:8)
at https://kibana-ops.0601-4wt.qe.rhcloud.com/bundles/kibana.bundle.js?v=10000:64805:8
at processQueue (https://kibana-ops.0601-4wt.qe.rhcloud.com/bundles/commons.bundle.js?v=10000:41883:29)
at https://kibana-ops.0601-4wt.qe.rhcloud.com/bundles/commons.bundle.js?v=10000:41899:28
at Scope.$eval (https://kibana-ops.0601-4wt.qe.rhcloud.com/bundles/commons.bundle.js?v=10000:43127:29)
at Scope.$digest (https://kibana-ops.0601-4wt.qe.rhcloud.com/bundles/commons.bundle.js?v=10000:42938:32)
at Scope.$apply (https://kibana-ops.0601-4wt.qe.rhcloud.com/bundles/commons.bundle.js?v=10000:43235:25)
at done (https://kibana-ops.0601-4wt.qe.rhcloud.com/bundles/commons.bundle.js?v=10000:37684:48)
at completeRequest (https://kibana-ops.0601-4wt.qe.rhcloud.com/bundles/commons.bundle.js?v=10000:37882:8)
# openshift version
openshift v3.4.1.27
kubernetes v1.4.0+776c994
etcd 3.1.0-rc.0
Images from brew registry
# docker images | grep logging
openshift3/logging-deployer 3.4.1 c1e020892ad6 6 hours ago 886.3 MB
openshift3/logging-elasticsearch 3.4.1 ea8a4058e4e3 8 hours ago 399.6 MB
openshift3/logging-kibana 3.4.1 3333c7df9c97 8 days ago 338.8 MB
openshift3/logging-fluentd 3.4.1 e0bab9be2285 8 days ago 232.6 MB
openshift3/logging-auth-proxy 3.4.1 d5bb029f31ca 8 days ago 215 MB
openshift3/logging-curator 3.4.1 0253bb34db02 8 days ago 244.5 MB
*** This bug has been marked as a duplicate of bug 1456413 *** |