----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/57402/#review168510 -----------------------------------------------------------
Ship it! Ship It! - Jie Yu On March 8, 2017, 1:27 a.m., Gilbert Song wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/57402/ > ----------------------------------------------------------- > > (Updated March 8, 2017, 1:27 a.m.) > > > Review request for mesos, Adam B, Avinash sridharan, Jie Yu, and Timothy Chen. > > > Bugs: MESOS-7208 > https://issues.apache.org/jira/browse/MESOS-7208 > > > Repository: mesos > > > Description > ------- > > This issue is command task with container image provided specific. > We used to set user as 'root' explicitly for command task with > container image. However, this would break operators who set 'user' > for FrameworkInfo/CommandInfo to any user other than 'root' because > the task cannot access all other contents owned by 'root', e.g., > persistent volumes, stdout/stderr or any other directories/files > written by modules. > > Instead of relying on each isolator/module to explicitly chown, > Mesos should set user to 'root' right before launching the command > executor, because the root privilege is only necessary for 'chroot' > in command executor launch, which should not impact on other > components. > > > Diffs > ----- > > src/slave/containerizer/mesos/containerizer.cpp > d2b4f75a55dbe4746bc2dfc180335fa831a554ef > src/slave/slave.cpp 892ce1938ac695e7913aa9139536d0787f3f5ea7 > > > Diff: https://reviews.apache.org/r/57402/diff/1/ > > > Testing > ------- > > make check > > > Thanks, > > Gilbert Song > >
