mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mesos Reviewbot <revi...@mesos.apache.org>
Subject Re: Review Request 70712: Added filesystem operations to the `ContainerLaunchInfo`.
Date Fri, 24 May 2019 09:00:08 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70712/#review215493
-----------------------------------------------------------



Patch looks great!

Reviews applied: [70712]

Passed command: export OS='ubuntu:14.04' BUILDTOOL='autotools' COMPILER='gcc' CONFIGURATION='--verbose
--disable-libtool-wrappers --disable-parallel-test-execution' ENVIRONMENT='GLOG_v=1 MESOS_VERBOSE=1';
./support/docker-build.sh

- Mesos Reviewbot


On May 24, 2019, 6:46 a.m., James Peach wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/70712/
> -----------------------------------------------------------
> 
> (Updated May 24, 2019, 6:46 a.m.)
> 
> 
> Review request for mesos, Xudong Ni, Gilbert Song, Jie Yu, Jacob Janco, and Jiang Yan
Xu.
> 
> 
> Bugs: MESOS-9769
>     https://issues.apache.org/jira/browse/MESOS-9769
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> The `filesystem/linux` isolator was using pre-exec commands
> to set up Linux ABI symlinks. Not only is this inefficient,
> it has the undesirable security property of running programs
> in a user-controlled container image.
> 
> The fix added a new `ContainerFileOperation` message to the
> containerizer launch information. The containerizer executes
> the requested file operation after performing the container
> mounts.
> 
> 
> Diffs
> -----
> 
>   include/mesos/slave/containerizer.proto e9924489000efabebd55bf070f18149f23e4a510 
>   src/common/protobuf_utils.hpp 273ae270695db33b6c9d8b32cb38f8840a815787 
>   src/common/protobuf_utils.cpp 8b252cb11e17356836988dfc44a63953579a1def 
>   src/slave/containerizer/mesos/isolators/cgroups/cgroups.cpp 8f94453a7354927ae918d3f2fd746cdf5ef63cb7

>   src/slave/containerizer/mesos/isolators/filesystem/linux.cpp 190054c26b949aa9ba0f49377b77d9e472edb95a

>   src/slave/containerizer/mesos/launch.cpp 5ddb4c7d998c17b59164825acc0627a1311b691b 
> 
> 
> Diff: https://reviews.apache.org/r/70712/diff/1/
> 
> 
> Testing
> -------
> 
> sudo make check (Fedora 30)
> 
> 
> Thanks,
> 
> James Peach
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message