----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/61122/#review181468 -----------------------------------------------------------
Fix it, then Ship it! src/slave/containerizer/mesos/isolators/filesystem/linux.cpp Lines 440 (patched) <https://reviews.apache.org/r/61122/#comment257076> We probably should expose a `os::stat::stat()`, but this should be: ``` return ErrnoError("Failed to stat ..."); ``` src/slave/containerizer/mesos/isolators/filesystem/linux.cpp Lines 509 (patched) <https://reviews.apache.org/r/61122/#comment257077> Should this be `UID` and `GID`? - James Peach On July 26, 2017, 6:41 a.m., Gilbert Song wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/61122/ > ----------------------------------------------------------- > > (Updated July 26, 2017, 6:41 a.m.) > > > Review request for mesos, Ilya Pronin, Jie Yu, James Peach, Stephan Erb, > Vinod Kone, and Jiang Yan Xu. > > > Bugs: MESOS-5187 > https://issues.apache.org/jira/browse/MESOS-5187 > > > Repository: mesos > > > Description > ------- > > This bugfix addresses the issue from MESOS-5178. Basically, the > host volume ownership was not set correctly. This issue can be > exposed if a framework user is non-root while the agent > process runs as root. Then, the non-root user does not have > permissions to write to this volume. > > The correct solution should be giving permissions to corresponding > users by leveraging supplementary groups. But we can still > introduce a workaround in this patch by changing the ownership > of this host volume to its sandbox's ownership. > > > Diffs > ----- > > src/slave/containerizer/mesos/isolators/filesystem/linux.cpp > bf35b7f00d6e80672ffc27cfc3f3a2fd8de69a99 > > > Diff: https://reviews.apache.org/r/61122/diff/2/ > > > Testing > ------- > > make check > > > Thanks, > > Gilbert Song > >
