-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61120/
-----------------------------------------------------------
Review request for mesos, Ilya Pronin, Jie Yu, James Peach, Vinod Kone, and
Jiang Yan Xu.
Bugs: MESOS-7830
https://issues.apache.org/jira/browse/MESOS-7830
Repository: mesos
Description
-------
This bugfix addresses the issue from MESOS-7830. Basically, the
sandbox path volume ownership was not set correctly. This issue
can be exposed if a framework user is non-root while the agent
process runs as root. Then, the non-root user does not have
permissions to write to this volume.
The correct solution should be giving permissions to corresponding
users by leveraging supplementary groups. But we can still
introduce a workaround in this patch by changing the ownership
of the sandbox path volume to its sandbox's ownership.
Diffs
-----
src/slave/containerizer/mesos/isolators/volume/sandbox_path.cpp
6f7304d4aa40eb1b4815ffc1fec61f7e98291cba
Diff: https://reviews.apache.org/r/61120/diff/1/
Testing
-------
make check
Thanks,
Gilbert Song
