mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benjamin Bannier <benjamin.bann...@mesosphere.io>
Subject Re: Review Request 50266: Introduced linux capabilities API.
Date Sun, 24 Jul 2016 00:29:16 GMT


> On July 22, 2016, 2:32 a.m., Jie Yu wrote:
> > src/linux/capabilities.hpp, lines 108-110
> > <https://reviews.apache.org/r/50266/diff/1/?file=1448443#file1448443line108>
> >
> >     No need to for this friend unqulified function. This can just be a member function.

I am not sure I follow. This provides a way to insert a `ProcessCapabilities` into an `ostream`
for printing, and I believe this is the canonical form. If implemented as a member the use
would be completely different (`set.printOn(stream)`?).


> On July 22, 2016, 2:32 a.m., Jie Yu wrote:
> > src/linux/capabilities.cpp, lines 99-100
> > <https://reviews.apache.org/r/50266/diff/1/?file=1448444#file1448444line99>
> >
> >     put them in one line:
> >     ```
> >     default: UNREACHABLE();
> >     ```

I did remove the `default` branch as we should be working on a fixed set.


> On July 22, 2016, 2:32 a.m., Jie Yu wrote:
> > src/linux/capabilities.cpp, lines 112-113
> > <https://reviews.apache.org/r/50266/diff/1/?file=1448444#file1448444line112>
> >
> >     Ditto here.

I did remove the `default` branch as we should be working on a fixed set.


- Benjamin


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50266/#review143038
-----------------------------------------------------------


On July 24, 2016, 2:28 a.m., Benjamin Bannier wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/50266/
> -----------------------------------------------------------
> 
> (Updated July 24, 2016, 2:28 a.m.)
> 
> 
> Review request for mesos and Jie Yu.
> 
> 
> Bugs: MESOS-5051
>     https://issues.apache.org/jira/browse/MESOS-5051
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> This change introduces basic API for linux capabilities. This is not a
> comprehensive API but is strictly limited to the need for securing Mesos
> containers using linux capabilities.
> 
> This patch is based on the work in https://reviews.apache.org/r/46370/.
> 
> 
> Diffs
> -----
> 
>   src/CMakeLists.txt bde76f7840afe55f20d7551b3f7e5fe522f7f326 
>   src/Makefile.am cc83525a4455bbb0e654d346921d66ed2436411d 
>   src/linux/capabilities.hpp PRE-CREATION 
>   src/linux/capabilities.cpp PRE-CREATION 
> 
> Diff: https://reviews.apache.org/r/50266/diff/
> 
> 
> Testing
> -------
> 
> `make check` and `sudo make check` (Debian jessie, gcc-4.9.2, w/o optimizations)
> 
> 
> Thanks,
> 
> Benjamin Bannier
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message