Bug 1759181 - [4.2-backport] No RBAC method for setting ExternalIPs
Summary: [4.2-backport] No RBAC method for setting ExternalIPs
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.1.z
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 4.2.z
Assignee: Aniket Bhat
QA Contact: Weibin Liang
URL:
Whiteboard:
Depends On: 1752045
Blocks: 1759182
TreeView+ depends on / blocked
 
Reported: 2019-10-07 14:39 UTC by Casey Callendrello
Modified: 2019-11-13 18:55 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1752045
Environment:
Last Closed: 2019-11-13 18:55:47 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github openshift origin pull 23955 'None' closed Bug 1759181: UPSTREAM: <carry>:Add a RBAC checker for external IP ranger 2020-03-17 08:53:16 UTC
Red Hat Product Errata RHBA-2019:3303 None None None 2019-11-13 18:55:59 UTC

Comment 1 Aniket Bhat 2019-11-04 15:28:49 UTC
Weibin, can we verify this on 4.2.z build?

Comment 2 Weibin Liang 2019-11-04 16:12:11 UTC
(In reply to Aniket Bhat from comment #1)
> Weibin, can we verify this on 4.2.z build?

Hi Aniket, 
The bug is still in MODIFIED state, QE will verify it when it is in On_QA state.

Comment 4 Weibin Liang 2019-11-05 14:06:12 UTC
Verified in 4.2.0-0.nightly-2019-11-04-231442

Using same default externalIP policy: {}, a normal user can not create a svc with externalIP, but admin can.

Comment 6 errata-xmlrpc 2019-11-13 18:55:47 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:3303


Note You need to log in before you can comment on or make changes to this bug.