mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrei Budnik <abud...@mesosphere.com>
Subject Re: Review Request 68016: Added libseccomp to the build.
Date Tue, 18 Dec 2018 13:31:18 GMT


> On Dec. 12, 2018, 11:51 p.m., Gilbert Song wrote:
> > configure.ac
> > Lines 352 (patched)
> > <https://reviews.apache.org/r/68016/diff/9/?file=2110248#file2110248line352>
> >
> >     Do we have a plan to deprecate this configuraton flag in the future? E.g., always
only compile the seccomp library on linux.
> 
> Andrei Budnik wrote:
>     Currently, we support old kernel version that does not support `seccomp`. E.g., `centos
6` is bases on pre-seccomp kernel.
>     I think we will deprecate this flag in the future.
> 
> Gilbert Song wrote:
>     ok, could we add a TODO here? so that people would capture our deprecation plan:)

Updated flag description.


- Andrei


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68016/#review211258
-----------------------------------------------------------


On Nov. 8, 2018, 3:23 p.m., Andrei Budnik wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68016/
> -----------------------------------------------------------
> 
> (Updated Nov. 8, 2018, 3:23 p.m.)
> 
> 
> Review request for mesos, Andrew Schwartzmeyer, Gilbert Song, Jie Yu, James Peach, and
Qian Zhang.
> 
> 
> Bugs: MESOS-9032
>     https://issues.apache.org/jira/browse/MESOS-9032
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> This library is needed to implement Seccomp syscall filtering in the
> Mesos containerizer. This patch introduces `seccomp-isolator` build
> flag, which is used to include or exclude sources related to Seccomp
> from the build. Since Seccomp is a Linux-specific feature, the flag
> is disabled by default. Enabling `seccomp-isolator` means either:
> 
> 1. Compiling and linking against the bundled version of libseccomp from
>    sources (default).
> 
> 2. Linking against the libseccomp installed in the OS,
>    if `--with-libseccomp` build flag is provided.
> 
> 
> Diffs
> -----
> 
>   3rdparty/CMakeLists.txt 703808d063e4bba58f647b5d48b78724003bcc4e 
>   3rdparty/Makefile.am e625e7be1743348d02c6dbb8e0a92d1a395b0ef4 
>   3rdparty/cmake/Versions.cmake 69fc594ec5ba2887b20b88ec0767a5d801411411 
>   3rdparty/versions.am 99ef92087f6958d83ba415e84db5cbbb0c597573 
>   cmake/CompilationConfigure.cmake 2485a8a580dcc2ad9b026e389b6525ef3a19f98e 
>   configure.ac 6778f119570def1838e26cddf7b0192bfe6e37d4 
>   src/CMakeLists.txt bde070445b644e15d46c390d1c983caabaa1fec8 
>   src/Makefile.am 7a4904a3d67479267087fd2313a263d8218843fa 
>   src/python/native_common/ext_modules.py.in 1f2e6c131d18e3e2fbc2e865c4698c83e73b87ba

> 
> 
> Diff: https://reviews.apache.org/r/68016/diff/10/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Andrei Budnik
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message