1964305 – [Doc] Workaround for Restic namespace supplemental groups bug

Bug 1964305 - [Doc] Workaround for Restic namespace supplemental groups bug

Summary: [Doc] Workaround for Restic namespace supplemental groups bug

Keywords:
Status:	CLOSED NEXTRELEASE
Alias:	None
Product:	Migration Toolkit for Containers
Classification:	Red Hat
Component:	Documentation
Sub Component:
Version:	1.4.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	1.5.0
Assignee:	Avital Pinnick
QA Contact:	Xin jiang
Docs Contact:	Avital Pinnick
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2021-05-25 07:25 UTC by Avital Pinnick
Modified:	2023-07-16 15:13 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-05-25 15:00:01 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Avital Pinnick 2021-05-25 07:25:52 UTC

Document the workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1873641:

Restic does not appear to respect the supplementalgroups of a namespace (https://docs.openshift.com/container-platform/3.11/install_config/persistent_storage/pod_security_context.html#supplemental-groups)

After changing permissions on NFS side, can run stage with copy successfully, but should not be required as supplementalgroup is set on the nfs and the stage pod is respecting it.

Fails with the following error:
backup=openshift-migration/<backup_id> controller=pod-volume-backup error="fork/exec /usr/bin/restic: permission denied" error.file="/go/src/github.com/vmware-tanzu/velero/pkg/controller/pod_volume_backup_controller.go:280" error.function="github.com/vmware-tanzu/velero/pkg/controller.(*podVolumeBackupController).processBackup" logSource="pkg/controller/pod_volume_backup_controller.go:280" name=<backup_id> namespace=openshift-migration

Solution

https://bugzilla.redhat.com/show_bug.cgi?id=1873641#c13

Dylan's PR: https://github.com/konveyor/mig-operator/pull/442

Comment 2 Xin jiang 2021-05-25 08:42:02 UTC

LGTM

Comment 3 Avital Pinnick 2021-05-25 15:00:01 UTC

Changes merged.

Comment 4 mark jhon 2022-01-15 11:57:14 UTC Comment hidden (spam)

https://sweetzzzmattress.com/bamboo-sheets/

Comment 5 mark jhon 2022-02-06 18:11:25 UTC Comment hidden (spam)

very nice post here
https://curvyncute.com/shapewear/

Comment 6 mjhytre 2022-06-28 07:03:25 UTC Comment hidden (spam)

nice post
https://beddingtondentalclinic.com/service/invisalign/

Comment 7 mjhytre 2023-06-12 09:41:42 UTC Comment hidden (spam)

nice post
https://coffsharbourcarpetcleaning.com/

Comment 8 mjhytre 2023-06-12 11:35:11 UTC Comment hidden (spam)

nice https://fanlifeapparel.com/

Comment 9 mjhytre 2023-07-16 15:13:50 UTC Comment hidden (spam)

nice post https://www.rejuvenatedentistry.com/

Note You need to log in before you can comment on or make changes to this bug.