> On June 13, 2017, 11:57 p.m., Jie Yu wrote: > >
Also, for nested container, we don't need to do another read only bind mount. - Jie ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/57884/#review177833 ----------------------------------------------------------- On June 13, 2017, 10:02 p.m., Silas Snider wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/57884/ > ----------------------------------------------------------- > > (Updated June 13, 2017, 10:02 p.m.) > > > Review request for mesos and Jie Yu. > > > Bugs: MESOS-7268 > https://issues.apache.org/jira/browse/MESOS-7268 > > > Repository: mesos > > > Description > ------- > > Ensure that host /etc/* files are mounted RDONLY by the CNI Isolator. > > > Diffs > ----- > > src/slave/containerizer/mesos/isolators/network/cni/cni.cpp > 6e95315b70a5d9d3b4b21c4cf235b0a483760190 > > > Diff: https://reviews.apache.org/r/57884/diff/3/ > > > Testing > ------- > > > Thanks, > > Silas Snider > >
