oc debug node does not work due to strict security context
Issue
oc debug node/node_name does not work via the CLI and produces the error below:
$ oc debug node/worker-1.ocp14.lab.xy.redhat.com
Temporary namespace openshift-debug-n9x8j is created for debugging node...
Temporary namespace openshift-debug-n9x8j was removed.
The Pod "worker-1ocp14labxy-debug-rbvt5" is invalid: spec.containers[0].securityContext: Invalid value: core.SecurityContext{Capabilities:(*core.Capabilities)(nil), Privileged:(*bool)(0xc035dfab1c), SELinuxOptions:(*core.SELinuxOptions)(nil), WindowsOptions:(*core.WindowsSecurityContextOptions)(nil), RunAsUser:(*int64)(0xc035dfab40), RunAsGroup:(*int64)(nil), RunAsNonRoot:(*bool)(nil), ReadOnlyRootFilesystem:(*bool)(nil), AllowPrivilegeEscalation:(*bool)(0xc03a02fe58), ProcMount:(*core.ProcMountType)(nil), SeccompProfile:(*core.SeccompProfile)(nil)}: cannot set `allowPrivilegeEscalation` to false and `privileged` to true
Environment
- Red Hat OpenShift Container Platform
- v4.12+