Repository: mesos Updated Branches: refs/heads/master 212486a93 -> 1fc0551db
Added flag for passing in a user to the logrotate module. This adds an optional field to the LogrotateContainerLogger's companion binary. When specified, the companion binary should switch to the given user after being launched. Review: https://reviews.apache.org/r/52308/ Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/120274ac Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/120274ac Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/120274ac Branch: refs/heads/master Commit: 120274ac51e5ae10e9530201ab67e56fa29edd6e Parents: 212486a Author: Sivaram Kannan <sivara...@gmail.com> Authored: Wed Nov 23 11:14:36 2016 -0800 Committer: Joseph Wu <josep...@apache.org> Committed: Wed Nov 23 11:39:05 2016 -0800 ---------------------------------------------------------------------- src/slave/container_loggers/logrotate.cpp | 11 +++++++++++ src/slave/container_loggers/logrotate.hpp | 5 +++++ 2 files changed, 16 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/120274ac/src/slave/container_loggers/logrotate.cpp ---------------------------------------------------------------------- diff --git a/src/slave/container_loggers/logrotate.cpp b/src/slave/container_loggers/logrotate.cpp index 431bc3c..61484b1 100644 --- a/src/slave/container_loggers/logrotate.cpp +++ b/src/slave/container_loggers/logrotate.cpp @@ -37,6 +37,7 @@ #include <stout/os/pagesize.hpp> #include <stout/os/shell.hpp> +#include <stout/os/su.hpp> #include <stout/os/write.hpp> #include "slave/container_loggers/logrotate.hpp" @@ -242,6 +243,16 @@ int main(int argc, char** argv) << ErrnoError("Failed to put child in a new session").message; } + // If the `--user` flag is set, change the UID of this process to that user. + if (flags.user.isSome()) { + Try<Nothing> result = os::su(flags.user.get()); + + if (result.isError()) { + EXIT(EXIT_FAILURE) + << ErrnoError("Failed to switch user for logrotate process").message; + } + } + // Asynchronously control the flow and size of logs. LogrotateLoggerProcess process(flags); spawn(&process); http://git-wip-us.apache.org/repos/asf/mesos/blob/120274ac/src/slave/container_loggers/logrotate.hpp ---------------------------------------------------------------------- diff --git a/src/slave/container_loggers/logrotate.hpp b/src/slave/container_loggers/logrotate.hpp index d1db692..96dbd2d 100644 --- a/src/slave/container_loggers/logrotate.hpp +++ b/src/slave/container_loggers/logrotate.hpp @@ -112,12 +112,17 @@ struct Flags : public virtual flags::FlagsBase return None(); }); + + add(&Flags::user, + "user", + "The user this command should run as."); } Bytes max_size; Option<std::string> logrotate_options; Option<std::string> log_filename; std::string logrotate_path; + Option<std::string> user; }; } // namespace rotate {