[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: User "admin" cannot get securitycontextconstraints at the cluster scope



User “admin” (that’s the user name) must be given real admin
privileges to perform that action, which the error is telling you you
don’t have.

You must run as a cluster admin or other highly privileged user in
order to modify the security rules.  The only user that has that by
default is the system:admin user the initial install creates.

> On Aug 1, 2018, at 9:15 PM, Traiano Welcome <traiano gmail com> wrote:
>
> Hi
>
> I was working through the O'Reilly book "OpenShift for developers" but the example on page 75, where tomcat8 is run fails:
>
> - The container remains in crashloop backoff
> - The logs show the container is having permission issues:
>
> ----
> Aug 02, 2018 1:03:47 AM org.apache.catalina.startup.Catalina load
> WARNING: Unable to load server configuration from [/usr/local/tomcat/conf/server.xml]
> Aug 02, 2018 1:03:47 AM org.apache.catalina.startup.Catalina load
> WARNING: Permissions incorrect, read permission is not allowed on the file.
> Aug 02, 2018 1:03:47 AM org.apache.catalina.startup.Catalina start
> SEVERE: Cannot start server. Server instance is not configured.
> ----
>
> - This appears to be due to openshift/minishift not allowing containers to run as root
> - I try installing the anyuid addon and running this command:
> - oc adm policy add-scc-to-user anyuid -z default -n tomcat8
> - However it fails with this error despite the anyuid addon being applied:
>
> ----
> Error from server (Forbidden): securitycontextconstraints "anyuid" is forbidden: User "admin" cannot get securitycontextconstraints at the cluster scope: User "admin" cannot get securitycontextconstraints at the cluster scope
> ----
>
>
> How do I fix this?
>
> Thanks in advance,
> Traiano
>
> _______________________________________________
> users mailing list
> users lists openshift redhat com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]