[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: oc whoami bug?

The `oc` command always looks for the current session in `~/.kube/config`.  It doesn't know if a session is expired or not since session timeouts are configurable and could have changed since the last API call was made to the master(s).  You can run your `oc` commands to with `--loglevel=8` to see this interaction play out.

You could also run your command like so (in bash):

$ ocx () { oc whoami && oc $@ || echo "ERROR: You may not be logged in!" ; }
$ ocx get pods -o wide




Red Hat Consulting, NA US WEST

lpsantil gmail com    M: 3236334854    

On Tue, Jun 20, 2017 at 6:51 AM, Philippe Lafoucrière <philippe lafoucriere tech-angels com> wrote:

On Mon, Jun 19, 2017 at 4:56 PM, Louis Santillan <lsantill redhat com> wrote:
The default user for any request is `system:anonymous` a user is not logged in or a valid token is not found.  Depending on your cluster, this usually has almost no access (less than `system:authenticated`).  Maybe an RFE is order (oc could suggest logging in if request is unsuccessful and the found user happens to be `system:anonymous`).

That's what I suspect, but when I'm logged, I expect the token to be mine. 
In this particular case, the session had expired, and nothing warned that the issued token was for `system:anonymous` instead of me.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]