[jira] [Created] (AURORA-1057) Aurora should allow users to create "privileged" containers

Jay Buffington (JIRA) Fri, 23 Jan 2015 17:41:22 -0800

Jay Buffington created AURORA-1057:
--------------------------------------

             Summary: Aurora should allow users to create "privileged" 
containers
                 Key: AURORA-1057
                 URL: https://issues.apache.org/jira/browse/AURORA-1057
             Project: Aurora
          Issue Type: Bug
            Reporter: Jay Buffington



I'd like to allow users to set some configuration in their .aurora file which 
results in the "privileged" flag being set in ContainerInfo:
https://github.com/apache/mesos/blob/master/include/mesos/mesos.proto#L1017

If a user wants to, say, mount an NFS volume inside a container, "docker run" 
needs to be started in "priviledged" mode.  See 
https://docs.docker.com/reference/run/#runtime-privilege-linux-capabilities-and-lxc-configuration

Like volume mount support there are security concerns here, so perhaps there 
needs to be a flag that allow administrators to disable this feature.

This requires mesos 0.21+



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (AURORA-1057) Aurora should allow users to create "privileged" containers

Reply via email to