mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexander Rojas" <alexan...@mesosphere.io>
Subject Re: Review Request 36049: Added support for modularized Authorizer
Date Fri, 17 Jul 2015 09:56:54 GMT


> On July 8, 2015, 12:12 a.m., Till Toenshoff wrote:
> > src/local/local.cpp, line 241
> > <https://reviews.apache.org/r/36049/diff/7/?file=1000249#file1000249line241>
> >
> >     I am assuming that the `LocalAuthorizer` should be considered unusable should
its initialize function ever fail.
> >     
> >     My most favored solution here would be to log the failure and make sure that
`authorizer` remains unset so that we can operate without any authorization. That would be
following the approach of the authenticator `initialize` failure handling.
> >     
> >     ```
> >      Try<Nothing> initialize = authorizer.get()->initialize(flags.acls.get());
> >      
> >      if (initialize.isError()) {
> >       // A failure to initialize the authorizer does lead to unusable authorization
> >       // but allows actions to skip authorization.
> >       LOG(WARNING) << "Authorization is disabled: Failed to initialize '"
> >                    << flags.authorizers << "' authorizer: " <<
initialize.error();
> >       delete authorizer.get();
> >       authorizer = None();
> >     }
> >     ```
> >     
> >     Inherited from  https://github.com/apache/mesos/blob/master/src/master/master.cpp#L484

As a note, please don't use links to the master branch, use a specific review since any update
on the master invalidates the line you want to show. e.g. https://github.com/apache/mesos/blob/bfe6c07b79550bb3d1f2ab6f5344d740e6eb6f60/src/master/master.cpp#L484


- Alexander


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/36049/#review90774
-----------------------------------------------------------


On July 7, 2015, 9:34 a.m., Alexander Rojas wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/36049/
> -----------------------------------------------------------
> 
> (Updated July 7, 2015, 9:34 a.m.)
> 
> 
> Review request for mesos, Adam B and Till Toenshoff.
> 
> 
> Bugs: MESOS-2947
>     https://issues.apache.org/jira/browse/MESOS-2947
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Adds and integrates helper classes needed to support an `Authorizer` module. Also adds
a flag to the master, allowing the selection of an `Authorizer` module.
> 
> 
> Diffs
> -----
> 
>   include/mesos/authorizer/authorizer.hpp PRE-CREATION 
>   include/mesos/module/authorizer.hpp PRE-CREATION 
>   src/Makefile.am addb63f615f16ae6b25f745b2e79fd9fc0e27851 
>   src/authorizer/authorizer.cpp PRE-CREATION 
>   src/local/local.cpp 1953d84c75a83f4ace944d6243456235d8a193ff 
>   src/master/constants.hpp 7cec18b7fdfd3b96cde42a30d217c026b2695dce 
>   src/master/constants.cpp fbcae60c43e835f96ec061bd0e9f7961e31fc341 
>   src/master/flags.hpp f2cd19a6edfaa4e5bb31f024ef8d5beda32fbc2f 
>   src/master/flags.cpp 60ac64d98d53f74f904846b27a3833a7c44a9756 
>   src/master/main.cpp 2624b7ea4920a534c98f5dfbf9286c54c50f11a9 
>   src/module/manager.cpp 909ca56eea85d365cb9ebe1b3cce43051cabb670 
>   src/tests/cluster.hpp cfe7ef0c7a6dc62cddc3e5f5b5b28c8bcb2bed26 
> 
> Diff: https://reviews.apache.org/r/36049/diff/
> 
> 
> Testing
> -------
> 
> make check
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message