----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58254/#review171506 -----------------------------------------------------------
include/mesos/authorizer/authorizer.proto Line 176 (original), 178 (patched) <https://reviews.apache.org/r/58254/#comment244440> Need to add container id here as well. include/mesos/authorizer/authorizer.proto Line 192 (original), 194 (patched) <https://reviews.apache.org/r/58254/#comment244441> Need to add container id here as well. src/authorizer/local/authorizer.cpp Lines 725 (patched) <https://reviews.apache.org/r/58254/#comment244449> Is this based on the assumption that claims subjects only come from executors and not operators? What guarantees that? - Vinod Kone On April 7, 2017, 11:25 p.m., Greg Mann wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/58254/ > ----------------------------------------------------------- > > (Updated April 7, 2017, 11:25 p.m.) > > > Review request for mesos, Adam B, Alexander Rojas, Till Toenshoff, and Vinod > Kone. > > > Bugs: MESOS-7014 > https://issues.apache.org/jira/browse/MESOS-7014 > > > Repository: mesos > > > Description > ------- > > This patch updates the agent handlers for the LAUNCH_, WAIT_, > and KILL_NESTED_CONTAINER calls of the operator API to set the > `container_id` field within the authorization object, > facilitating implicit executor authorization. > > > Diffs > ----- > > include/mesos/authorizer/authorizer.proto > 736f76d552956f2351ffd40fc51d088dff83f8c8 > src/authorizer/local/authorizer.cpp > e241edf4afa48d35dbbbb94d72e8e8690f5bedfc > src/slave/http.cpp b07ce7c73a90ef297d980806ebba9530d86f25ae > > > Diff: https://reviews.apache.org/r/58254/diff/2/ > > > Testing > ------- > > Testing details can be found at the end of this chain. > > > Thanks, > > Greg Mann > >
