Running chroot from an unprivileged pod fails in OCP 4

Solution Verified - Updated -

Issue

  • SFTP pods fail to start because of missing permissions.
  • Pods fail to start (CrashLoopBackOff) because the pod is not granted sufficient permissions, with the following error:

    mkdir: cannot create directory '/var/run/sftp': Permission denied
    /entrypoint: Error on line 34: mkdir -p "$(dirname $userConfFinalPath)"
    
  • Pods fail to start (CrashLoopBackOff) because the SCC (Security Context Constraints) is too restrictive, with the following error:

    chroot("/run/sshd"): Operation not permitted [preauth]
    

Environment

  • Red Hat OpenShift Container Platform (RHOCP)
    • 4
  • Red Hat OpenShift on AWS (ROSA)
    • 4
  • Red Hat OpenShift Dedicated (OSD)
    • 4
  • Red Hat OpenShift on Azure (ARO)
    • 4
