[
https://issues.apache.org/jira/browse/MESOS-9386?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16753777#comment-16753777
]
Gilbert Song commented on MESOS-9386:
-------------------------------------
Probably we should close this as "won't do"?
> Implement Seccomp profile inheritance for POD containers
> --------------------------------------------------------
>
> Key: MESOS-9386
> URL: https://issues.apache.org/jira/browse/MESOS-9386
> Project: Mesos
> Issue Type: Task
> Components: containerization
> Reporter: Andrei Budnik
> Assignee: Andrei Budnik
> Priority: Major
> Labels: mesosphere
>
> Child containers inherit its parent container's Seccomp profile by default.
> Also, Seccomp profile can be overridden by a Framework for a particular child
> container by specifying a path to the Seccomp profile.
> Mesos containerizer persists information about containers on disk via
> `ContainerLaunchInfo` proto, which includes `ContainerSeccompProfile` proto.
> Mesos containerizer should use this proto to load the parent's profile for a
> child container. When a child inherits the parent's Seccomp profile, Mesos
> agent doesn't have to re-read a Seccomp profile from the disk, which was used
> for the parent container. Otherwise, we would have to check that a file
> content hasn't changed since the last time the parent was launched.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
