Set the ownership of persistent volumes to match the sandbox directory. Review: https://reviews.apache.org/r/35721
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/c8e091d1 Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/c8e091d1 Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/c8e091d1 Branch: refs/heads/master Commit: c8e091d1d694e812cd9061217fa8018986109aed Parents: 3d2dec4 Author: haosdent huang <[email protected]> Authored: Mon Jun 29 02:39:59 2015 -0700 Committer: Adam B <[email protected]> Committed: Mon Jun 29 03:33:11 2015 -0700 ---------------------------------------------------------------------- src/slave/containerizer/mesos/containerizer.cpp | 21 ++++++++++++++++++++ 1 file changed, 21 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/c8e091d1/src/slave/containerizer/mesos/containerizer.cpp ---------------------------------------------------------------------- diff --git a/src/slave/containerizer/mesos/containerizer.cpp b/src/slave/containerizer/mesos/containerizer.cpp index 313e9b7..47d1461 100644 --- a/src/slave/containerizer/mesos/containerizer.cpp +++ b/src/slave/containerizer/mesos/containerizer.cpp @@ -1331,6 +1331,27 @@ Try<Nothing> MesosContainerizerProcess::updateVolumes( "Failed to symlink persistent volume from '" + original + "' to '" + link + "'"); } + + // Set the ownership of persistent volume to match the sandbox + // directory. Currently, persistent volumes in mesos are + // exclusive. If one persistent volume is used by one + // task/executor, it cannot be concurrently used by other + // task/executor. But if we allow multiple executors use same + // persistent volume at the same time in the future, the ownership + // of persistent volume may conflict here. + // TODO(haosdent): We need to update this after we have a proposed + // plan to adding user/group to persistent volumes. + struct stat s; + if (::stat(container->directory.c_str(), &s) < 0) { + return Error("Failed to get permissions on '" + container->directory + + "': " + strerror(errno)); + } + + Try<Nothing> chown = os::chown(s.st_uid, s.st_gid, original, true); + if (chown.isError()) { + return Error("Failed to chown persistent volume '" + original + + "': " + chown.error()); + } } return Nothing();
