Set ownership of stdout/stderr and container directory properly. Review: https://reviews.apache.org/r/24766
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/337e9558 Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/337e9558 Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/337e9558 Branch: refs/heads/master Commit: 337e9558307c6799d46fee2d9ff738126d36163f Parents: fd55381 Author: Benjamin Hindman <[email protected]> Authored: Fri Aug 15 21:35:33 2014 -0700 Committer: Benjamin Hindman <[email protected]> Committed: Sat Aug 16 08:25:39 2014 -0700 ---------------------------------------------------------------------- src/slave/containerizer/docker.cpp | 48 ++++++++++++++++++++++++++++++--- 1 file changed, 45 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/337e9558/src/slave/containerizer/docker.cpp ---------------------------------------------------------------------- diff --git a/src/slave/containerizer/docker.cpp b/src/slave/containerizer/docker.cpp index ced0f92..5fa0275 100644 --- a/src/slave/containerizer/docker.cpp +++ b/src/slave/containerizer/docker.cpp @@ -390,8 +390,6 @@ Future<Nothing> DockerContainerizerProcess::fetch( VLOG(1) << "Starting to fetch URIs for container: " << containerId << ", directory: " << directory; - // NOTE: It's important that we create a pipe for the mesos-fetcher - // stdin so that when the slave exits it will terminate itself. Try<Subprocess> fetcher = subprocess( realpath.get(), Subprocess::PIPE(), @@ -777,13 +775,35 @@ Future<bool> DockerContainerizerProcess::launch( return false; } - ContainerInfo containerInfo = executorInfo.container(); + ContainerInfo containerInfo = taskInfo.container(); if (containerInfo.type() != ContainerInfo::DOCKER) { LOG(INFO) << "Skipping non-docker container"; return false; } + // Before we do anything else we first make sure the stdout/stderr + // files exist and have the right file ownership. + Try<Nothing> touch = os::touch(path::join(directory, "stdout")); + + if (touch.isError()) { + return Failure("Failed to touch 'stdout': " + touch.error()); + } + + touch = os::touch(path::join(directory, "stderr")); + + if (touch.isError()) { + return Failure("Failed to touch 'stderr': " + touch.error()); + } + + if (user.isSome()) { + Try<Nothing> chown = os::chown(user.get(), directory, true); + + if (chown.isError()) { + return Failure("Failed to chown: " + chown.error()); + } + } + LOG(INFO) << "Starting container '" << containerId << "' for task '" << taskInfo.task_id() << "' (and executor '" << executorInfo.executor_id() @@ -1003,6 +1023,28 @@ Future<bool> DockerContainerizerProcess::launch( return false; } + // Before we do anything else we first make sure the stdout/stderr + // files exist and have the right file ownership. + Try<Nothing> touch = os::touch(path::join(directory, "stdout")); + + if (touch.isError()) { + return Failure("Failed to touch 'stdout': " + touch.error()); + } + + touch = os::touch(path::join(directory, "stderr")); + + if (touch.isError()) { + return Failure("Failed to touch 'stderr': " + touch.error()); + } + + if (user.isSome()) { + Try<Nothing> chown = os::chown(user.get(), directory, true); + + if (chown.isError()) { + return Failure("Failed to chown: " + chown.error()); + } + } + LOG(INFO) << "Starting container '" << containerId << "' for executor '" << executorInfo.executor_id() << "' and framework '" << executorInfo.framework_id() << "'";
