Repository: mesos Updated Branches: refs/heads/master 0f93a8d6b -> ac184f940
Added note when setting executor user in slave. Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/ac184f94 Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/ac184f94 Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/ac184f94 Branch: refs/heads/master Commit: ac184f940fece8700c3fbdfbe1121abde08b4657 Parents: 0f93a8d Author: Timothy Chen <[email protected]> Authored: Thu Nov 5 18:25:18 2015 -0800 Committer: Timothy Chen <[email protected]> Committed: Thu Nov 5 18:25:18 2015 -0800 ---------------------------------------------------------------------- src/slave/slave.cpp | 4 ++++ 1 file changed, 4 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/ac184f94/src/slave/slave.cpp ---------------------------------------------------------------------- diff --git a/src/slave/slave.cpp b/src/slave/slave.cpp index 9739189..a0efba7 100644 --- a/src/slave/slave.cpp +++ b/src/slave/slave.cpp @@ -3346,6 +3346,10 @@ ExecutorInfo Slave::getExecutorInfo( executor.mutable_command()->add_arguments( "--sandbox_directory=" + flags.sandbox_directory); + // NOTE: if switch_user flag is false and the slave runs under + // a non-root user, the task will be rejected by the Posix + // filesystem isolator. Linux filesystem isolator requires slave + // to have root permission. if (flags.switch_user) { Option<string> user; if (task.command().has_user()) {
