-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/61122/
-----------------------------------------------------------
(Updated July 27, 2017, 6:44 p.m.)
Review request for mesos, Ilya Pronin, Jie Yu, James Peach, Stephan Erb, Vinod
Kone, and Jiang Yan Xu.
Summary (updated)
-----------------
Fixed the sandbox volume relative host path ownership.
Bugs: MESOS-5187
https://issues.apache.org/jira/browse/MESOS-5187
Repository: mesos
Description (updated)
-------
This bugfix addresses the issue from MESOS-5178. Basically, the
sandbox volume ownership was not set correctly. This issue can be
exposed if a framework user is non-root while the agent
process runs as root. Then, the non-root user does not have
permissions to write to this volume.
The correct solution should be giving permissions to corresponding
users by leveraging supplementary groups. But we can still
introduce a workaround in this patch by changing the ownership
of this sandbox volume to its sandbox's ownership.
Diffs (updated)
-----
src/slave/containerizer/mesos/isolators/filesystem/linux.cpp
bf35b7f00d6e80672ffc27cfc3f3a2fd8de69a99
Diff: https://reviews.apache.org/r/61122/diff/3/
Changes: https://reviews.apache.org/r/61122/diff/2-3/
Testing
-------
make check
Thanks,
Gilbert Song
