> On June 8, 2017, 4:10 p.m., Kapil Arya wrote: > > src/slave/containerizer/docker.cpp > > Line 423 (original), 423 (patched) > > <https://reviews.apache.org/r/59898/diff/1/?file=1744125#file1744125line423> > > > > I'm wondering if we should add a comment that explains what happens if > > we pass `None()` in there. E.g., if no user is specified, the files are > > owned by root (?) or something similar.
Tough question actually ... So the `Fetcher::fetch` interface describes things as follows: ``` // Download the URIs specified in the command info and place the // resulting files into the given sandbox directory. Chmod said files // to the user if given. Send stdout and stderr output to files // "stdout" and "stderr" in the given directory. Extract archives and/or // use the cache if so instructed by the given CommandInfo::URI items. ``` This is a bit unclear in fact. Truth is, there are two paths into explicit ownership; - the `user` supplied explicitly to `fetch` which comes from `ContainerConfig.user` which in turn comes from the `FrameworkInfo.user` - `CommandInfo`s `user` which may be explicitly supplied with the command The "stdout/stderr" ownership priorities are; 1: CommandInfo user 2: FrameworkInfo user 3: agent owner -> fetcher owner We should indeed follow-up and explain that somewhere in detail -- but where would be a good place for that? - Till ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/59898/#review177317 ----------------------------------------------------------- On June 7, 2017, 11:11 p.m., Till Toenshoff wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/59898/ > ----------------------------------------------------------- > > (Updated June 7, 2017, 11:11 p.m.) > > > Review request for mesos, Adam B, Kapil Arya, and Joseph Wu. > > > Bugs: MESOS-7640 > https://issues.apache.org/jira/browse/MESOS-7640 > > > Repository: mesos > > > Description > ------- > > Without this patch, the Docker containerizer would not inherit the > ownership of stdout/stderr from the FrameworkInfo user. This issue > got introduced recently in the refactorings of the Docker > containerizer. > > > Diffs > ----- > > src/slave/containerizer/docker.cpp 9f84109d7de22a39ace6e44e0c7d8d501bcb24de > > > Diff: https://reviews.apache.org/r/59898/diff/2/ > > > Testing > ------- > > make check && functional test > > > Thanks, > > Till Toenshoff > >
