----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/50270/ -----------------------------------------------------------
(Updated Sept. 10, 2016, 12:47 a.m.) Review request for mesos, Jay Guo and Jie Yu. Bugs: MESOS-5275 https://issues.apache.org/jira/browse/MESOS-5275 Repository: mesos Description ------- This change introduces linux capability based security for unified containerizer. A new agent flag \`allowed_capabilities\` has been introduced to override the default capabilities of the user or the capabilities requested by the user. This feature is only available on linux. Diffs ----- src/slave/containerizer/mesos/launch.hpp 0e86da9c7bd9c7fbedd7102d66b902d1c10e5e0b src/slave/containerizer/mesos/launch.cpp 13b65d82e029650e150eb2bc3647d95af167bd72 src/slave/flags.hpp 1a006663e7cc58ee548b3dda686cfbac0c240baa src/slave/flags.cpp 0f2be1700f41b74da4ea1ce699a81ec33cf92a9a Diff: https://reviews.apache.org/r/50270/diff/ Testing ------- `make check` and `sudo make check` (Debian jessie, gcc-4.9.2, w/o optimizations) Thanks, Benjamin Bannier