This is an automated email from the ASF dual-hosted git repository. alexr pushed a commit to branch 1.5.x in repository https://gitbox.apache.org/repos/asf/mesos.git
commit e4d8ab9911af6d494aae7f5762dd84b8f085fd1e Author: Andrei Budnik <[email protected]> AuthorDate: Mon Aug 20 16:28:44 2018 +0200 Fixed wrong `mnt` namespace detection for non-command executor tasks. Previously, we were calling `getMountNamespaceTarget()` not only in case of the command executor but in all other cases too, including the default executor. That might lead to various subtle bugs, caused by wrong detection of `mnt` namespace target. This patch fixes the issue by setting a parent PID as `mnt` namespace target in case of non-command executor task. Review: https://reviews.apache.org/r/68348/ (cherry picked from commit b3c9c6939964831170e819f88134af7b275ffe1b) --- src/slave/containerizer/mesos/containerizer.cpp | 27 +++++++++++++++++-------- 1 file changed, 19 insertions(+), 8 deletions(-) diff --git a/src/slave/containerizer/mesos/containerizer.cpp b/src/slave/containerizer/mesos/containerizer.cpp index c0fe435..2e718fe 100644 --- a/src/slave/containerizer/mesos/containerizer.cpp +++ b/src/slave/containerizer/mesos/containerizer.cpp @@ -1887,20 +1887,31 @@ Future<Containerizer::LaunchResult> MesosContainerizerProcess::_launch( return Failure("Unknown parent container"); } - if (containers_.at(containerId.parent())->pid.isNone()) { + const Owned<Container>& parentContainer = + containers_.at(containerId.parent()); + + if (parentContainer->pid.isNone()) { return Failure("Unknown parent container pid"); } - pid_t parentPid = containers_.at(containerId.parent())->pid.get(); + const pid_t parentPid = parentContainer->pid.get(); - Try<pid_t> mountNamespaceTarget = getMountNamespaceTarget(parentPid); - if (mountNamespaceTarget.isError()) { - return Failure( - "Cannot get target mount namespace from process " + - stringify(parentPid) + ": " + mountNamespaceTarget.error()); + // For the command executor case, we need to find a PID of its task, + // which will be used to enter the task's mount namespace. + if (parentContainer->config.isSome() && + parentContainer->config->has_task_info()) { + Try<pid_t> mountNamespaceTarget = getMountNamespaceTarget(parentPid); + if (mountNamespaceTarget.isError()) { + return Failure( + "Cannot get target mount namespace from process " + + stringify(parentPid) + ": " + mountNamespaceTarget.error()); + } + + launchFlags.namespace_mnt_target = mountNamespaceTarget.get(); + } else { + launchFlags.namespace_mnt_target = parentPid; } - launchFlags.namespace_mnt_target = mountNamespaceTarget.get(); _enterNamespaces = _enterNamespaces.get() & ~CLONE_NEWNS; } #endif // __linux__
