+++ This bug was initially created as a clone of Bug #2065266 +++ This bug has been copied from bug#2062870 and has been proposed to be backported to 8.6.0 stream. Devel and QA ack is needed for full approval of the zstream clone
Kernel errata has shipped and a superseding kernel is present in 4.11 nightlies.
The dependent RHEL BZ was fixed as part of RHEL 8.6.0.1 with `kernel-4.18.0-372.13.1.el8_6` Checking a 4.11 CI release-payload: ``` $ oc version Client Version: 4.10.18 Server Version: 4.11.0-0.ci-2022-07-05-101838 Kubernetes Version: v1.24.0-2362+2dd8bb16eb2fd8-dirty $ oc get nodes NAME STATUS ROLES AGE VERSION ci-ln-818wcgt-72292-fjchw-master-0 Ready master 19m v1.24.0+2dd8bb1 ci-ln-818wcgt-72292-fjchw-master-1 Ready master 19m v1.24.0+2dd8bb1 ci-ln-818wcgt-72292-fjchw-master-2 Ready master 20m v1.24.0+2dd8bb1 ci-ln-818wcgt-72292-fjchw-worker-a-nl42w Ready worker 12m v1.24.0+2dd8bb1 ci-ln-818wcgt-72292-fjchw-worker-b-9h9zr Ready worker 12m v1.24.0+2dd8bb1 ci-ln-818wcgt-72292-fjchw-worker-c-xz5rd Ready worker 12m v1.24.0+2dd8bb1 $ oc debug node/ci-ln-818wcgt-72292-fjchw-worker-a-nl42w Warning: would violate PodSecurity "restricted:latest": host namespaces (hostNetwork=true, hostPID=true), privileged (container "container-00" must not set securityContext.privileged=true), allowPrivilegeEscalation != false (container "container-00" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "container-00" must set securityContext.capabilities.drop=["ALL"]), restricted volume types (volume "host" uses restricted volume type "hostPath"), runAsNonRoot != true (pod or container "container-00" must set securityContext.runAsNonRoot=true), runAsUser=0 (container "container-00" must not set runAsUser=0), seccompProfile (pod or container "container-00" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") Starting pod/ci-ln-818wcgt-72292-fjchw-worker-a-nl42w-debug ... To use host binaries, run `chroot /host` Pod IP: 10.0.128.2 If you don't see a command prompt, try pressing enter. sh-4.4# chroot /host sh-4.4# rpm-ostree status State: idle Deployments: * pivot://registry.ci.openshift.org/ocp/4.11-2022-07-05-101838@sha256:04b54950ce296d73746f22b66ff6c5484c37be78cb34aaf352338359112fa241 CustomOrigin: Managed by machine-config-operator Version: 411.86.202207011902-0 (2022-07-01T19:05:18Z) 0505ffc1c711903785f27570819e973f086f594a8daa3ec9dfe2a059586ac42f Version: 411.86.202206301504-0 (2022-06-30T15:08:01Z) sh-4.4# rpm -q kernel kernel-4.18.0-372.13.1.el8_6.x86_64 ```
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:5069