Regular Openshift users don't have permission to run as arbitrary
UIDs. You can read more here:
https://docs.openshift.org/latest/architecture/additional_concepts/authorization.html#security-context-constraints
To give yourself access as a root user (if you are an admin) run
oadm policy add-scc-to-user anyuid -z default
Or to let your pods run as any non-root user, run
oadm policy add-scc-to-user nonroot -z default
> On Mar 1, 2016, at 9:04 AM, Julio Saura <[email protected]> wrote:
>
> Hello
>
> i have a working open shift running and maybe is my misunderstanding but i
> have a problem with RC
>
> so,
>
> i have an own docker image for my app, my entry point in my docker file
> creates some directories that are needed for my app to work and starts a
> jboss,, so far so good
>
> the image is running if i define it as a POD, but when i try to create a RC
> using that image i am having some weird permission denied when creating the
> directories and so my pod dies.
>
> i have noticed that when i run it as POD my process is running under the user
> i define in a step inside my docker file when building the image, but if i
> run it on a RC the process is running under an unknown UID
>
> UID PID PPID C STIME TTY TIME CMD
> 1000120+ 1 0 0 17:02 ? 00:00:00 /bin/bash
> /etc/init.d/jboss-as st
>
> and so when that entry point is trying to create the directories i need i get
> permission denied errors, logically the process dies and so does my pod
> inside de RC ..
>
> why is this happening? on my dockerfile i add a unix user as the process
> proprietary and in my entry point command script i am changing the user when
> starting .. running on the RC the user is not created and not used, but
> running it as a POD works like a charm..
>
> i am missing something?
>
> best regards
> thanks all!
>
>
>
>
>
> _______________________________________________
> users mailing list
> [email protected]
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
