Bug 1792569 - restrictusers admission plugin incorrectly denies access to user in group
Summary: restrictusers admission plugin incorrectly denies access to user in group
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: kube-apiserver
Version: 4.4
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 4.4.0
Assignee: Luis Sanchez
QA Contact: scheng
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-01-18 02:53 UTC by Luis Sanchez
Modified: 2020-05-04 11:25 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-05-04 11:25:32 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github openshift origin pull 24411 None closed Bug 1792569: UPSTREAM: : admission/restrictusers ensure groups cache synced 2020-02-24 02:18:32 UTC
Red Hat Product Errata RHBA-2020:0581 None None None 2020-05-04 11:25:55 UTC

Description Luis Sanchez 2020-01-18 02:53:33 UTC
Description of problem:

The restrictusers admission sometimes denies a user's access to a rolebinding when such access should be granted. 

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 5 Xingxing Xia 2020-02-18 02:18:57 UTC
Shengsheng, please help check this bug. FYI, this sync issue may be like https://bugzilla.redhat.com/show_bug.cgi?id=1792107 once ever we asked Dev in #forum-apiserver how to verify it: https://coreos.slack.com/archives/CB48XQ4KZ/p1581582130005200?thread_ts=1579747441.150000&cid=CB48XQ4KZ . Thank you.

Comment 9 errata-xmlrpc 2020-05-04 11:25:32 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0581


Note You need to log in before you can comment on or make changes to this bug.