mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mesos Reviewbot Windows <revi...@mesos.apache.org>
Subject Re: Review Request 69376: Fixed an issue about inheriting user for nested containers.
Date Sat, 17 Nov 2018 15:44:39 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69376/#review210622
-----------------------------------------------------------



PASS: Mesos patch 69376 was successfully built and tested.

Reviews applied: `['69376']`

All the build artifacts available at: http://dcos-win.westus2.cloudapp.azure.com/artifacts/mesos-reviewbot-testing/2611/mesos-review-69376

- Mesos Reviewbot Windows


On Nov. 17, 2018, 3:08 p.m., Qian Zhang wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/69376/
> -----------------------------------------------------------
> 
> (Updated Nov. 17, 2018, 3:08 p.m.)
> 
> 
> Review request for mesos and Gilbert Song.
> 
> 
> Bugs: MESOS-9332
>     https://issues.apache.org/jira/browse/MESOS-9332
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Previously we inherited user from parent container for nested
> containers in `MesosContainerizerProcess::_launch`, but that
> is too late which will cause an issue that the nested container
> is launched as a non-root user but its sandbox directory is
> created with root as owner (suppose there is no user specified
> in the nested container's `commandInfo` and the default executor
> is launched as a non-root user), so the nested container will not
> have the permission to write to its own sandbox.
> 
> In this patch, we inherit user for nested containers in an earlier
> place (i.e., `MesosContainerizerProcess::launch`) to avoid the
> above issue.
> 
> 
> Diffs
> -----
> 
>   src/slave/containerizer/mesos/containerizer.cpp 181a4da1d18b215348d183f104157d996f2da096

> 
> 
> Diff: https://reviews.apache.org/r/69376/diff/1/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Qian Zhang
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message