Targeting this bug for next 2.6.z release. We already have a bug targeted for release 4.9.0, https://bugzilla.redhat.com/show_bug.cgi?id=1985719 We need a back-port of this for 2.6.z, https://github.com/kubevirt/kubevirt/pull/6147
verify with build HCO:[v2.6.7-41] step: 1. prepare a vm with guest agent installed 2. create unprivilege user with clusterrole $ cat role.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: my-custom-rbac-role labels: kubevirt.io: "" rules: - apiGroups: - subresources.kubevirt.io resources: - virtualmachineinstances/console - virtualmachineinstances/guestosinfo verbs: - get - apiGroups: - kubevirt.io resources: - virtualmachineinstances - virtualmachines - virtualmachineinstancepresets - virtualmachineinstancereplicasets verbs: - get - list - watch 3. login with unprivilege user $ oc whoami redhat 4. check vm guest info $ virtctl guestosinfo vm-rhel { "guestAgentVersion": "6.1.0", "supportedCommands": [ { "name": "guest-ssh-remove-authorized-keys", "enabled": true }, { "name": "guest-ssh-add-authorized-keys", "enabled": true }, { "name": "guest-ssh-get-authorized-keys", "enabled": true }, { "name": "guest-get-devices" }, { "name": "guest-get-osinfo", "enabled": true }, { "name": "guest-get-timezone", "enabled": true }, { "name": "guest-get-users", "enabled": true }, { "name": "guest-get-host-name", "enabled": true }, { "name": "guest-exec" }, { "name": "guest-exec-status" }, { "name": "guest-get-memory-block-info", "enabled": true }, { "name": "guest-set-memory-blocks", "enabled": true }, { "name": "guest-get-memory-blocks", "enabled": true }, { "name": "guest-set-user-password", "enabled": true }, { "name": "guest-get-fsinfo", "enabled": true }, { "name": "guest-get-disks", "enabled": true }, { "name": "guest-set-vcpus", "enabled": true }, { "name": "guest-get-vcpus", "enabled": true }, { "name": "guest-network-get-interfaces", "enabled": true }, { "name": "guest-suspend-hybrid", "enabled": true }, { "name": "guest-suspend-ram", "enabled": true }, { "name": "guest-suspend-disk", "enabled": true }, { "name": "guest-fstrim", "enabled": true }, { "name": "guest-fsfreeze-thaw", "enabled": true }, { "name": "guest-fsfreeze-freeze-list", "enabled": true }, { "name": "guest-fsfreeze-freeze", "enabled": true }, { "name": "guest-fsfreeze-status", "enabled": true }, { "name": "guest-file-flush" }, { "name": "guest-file-seek" }, { "name": "guest-file-write" }, { "name": "guest-file-read" }, { "name": "guest-file-close" }, { "name": "guest-file-open" }, { "name": "guest-shutdown", "enabled": true }, { "name": "guest-info", "enabled": true }, { "name": "guest-set-time", "enabled": true }, { "name": "guest-get-time", "enabled": true }, { "name": "guest-ping", "enabled": true }, { "name": "guest-sync", "enabled": true }, { "name": "guest-sync-delimited", "enabled": true } ], "hostname": "vm-rhel", "os": { "name": "Red Hat Enterprise Linux", "kernelRelease": "4.18.0-343.el8.x86_64", "version": "8.6 (Ootpa)", "prettyName": "Red Hat Enterprise Linux 8.6 Beta (Ootpa)", "versionId": "8.6", "kernelVersion": "#1 SMP Thu Sep 16 18:45:53 EDT 2021", "machine": "x86_64", "id": "rhel" }, "timezone": "EDT, -14400", "fsInfo": { "disks": [ { "diskName": "vdb2", "mountPoint": "/boot/efi", "fileSystemType": "vfat", "usedBytes": 6006784, "totalBytes": 104634368 }, { "diskName": "vdb3", "mountPoint": "/", "fileSystemType": "xfs", "usedBytes": 2047205376, "totalBytes": 21357375488 } ] } } move to verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Low: OpenShift Virtualization 2.6.7 Images security and bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3733