[jira] [Commented] (MESOS-4757) Mesos containerizer should get uid/gids before pivot_root.

[ https://issues.apache.org/jira/browse/MESOS-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15298975#comment-15298975 ] Gilbert Song commented on MESOS-4757: - [~idownes], Kevin proposed a solution for host user ->

[jira] [Commented] (MESOS-4757) Mesos containerizer should get uid/gids before pivot_root.

[ https://issues.apache.org/jira/browse/MESOS-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15172869#comment-15172869 ] James Peach commented on MESOS-4757: That would work for Linux and BSD I think, but not for Darwin. I

[jira] [Commented] (MESOS-4757) Mesos containerizer should get uid/gids before pivot_root.

[ https://issues.apache.org/jira/browse/MESOS-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15172842#comment-15172842 ] Jie Yu commented on MESOS-4757: --- OK, ic. Maybe I can just use a large enough number (e.g., 65536)? I think

[jira] [Commented] (MESOS-4757) Mesos containerizer should get uid/gids before pivot_root.

[ https://issues.apache.org/jira/browse/MESOS-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15172836#comment-15172836 ] James Peach commented on MESOS-4757: This only works because you have < 16 groups. > Mesos

[jira] [Commented] (MESOS-4757) Mesos containerizer should get uid/gids before pivot_root.

[ https://issues.apache.org/jira/browse/MESOS-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15172817#comment-15172817 ] Ian Downes commented on MESOS-4757: --- I skimmed the pull request and it looks reasonable. [~jieyu] Then

[jira] [Commented] (MESOS-4757) Mesos containerizer should get uid/gids before pivot_root.

[ https://issues.apache.org/jira/browse/MESOS-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15172684#comment-15172684 ] Cong Wang commented on MESOS-4757: -- Appc already fixes this by:

[jira] [Commented] (MESOS-4757) Mesos containerizer should get uid/gids before pivot_root.

[ https://issues.apache.org/jira/browse/MESOS-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15172479#comment-15172479 ] Jie Yu commented on MESOS-4757: --- [~idownes] My main concern is about the sandbox. Currently, sandbox is

[jira] [Commented] (MESOS-4757) Mesos containerizer should get uid/gids before pivot_root.

[ https://issues.apache.org/jira/browse/MESOS-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15172440#comment-15172440 ] Ian Downes commented on MESOS-4757: --- IMHO this is incorrect and highlights the inconsistent relationship

[jira] [Commented] (MESOS-4757) Mesos containerizer should get uid/gids before pivot_root.

[ https://issues.apache.org/jira/browse/MESOS-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15171311#comment-15171311 ] Jie Yu commented on MESOS-4757: --- BTW, I tested my patch on OSX (EL Capitan, 10.11.3), and it works fine.

[jira] [Commented] (MESOS-4757) Mesos containerizer should get uid/gids before pivot_root.

[ https://issues.apache.org/jira/browse/MESOS-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15171290#comment-15171290 ] Jie Yu commented on MESOS-4757: --- [~jamespeach] Can you also give me a pointer to the 'setgroups' problem you

[jira] [Commented] (MESOS-4757) Mesos containerizer should get uid/gids before pivot_root.

[ https://issues.apache.org/jira/browse/MESOS-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15171286#comment-15171286 ] Jie Yu commented on MESOS-4757: --- I am not familiar with BSD, is there a way to retain capabilities to do

[jira] [Commented] (MESOS-4757) Mesos containerizer should get uid/gids before pivot_root.

[ https://issues.apache.org/jira/browse/MESOS-4757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15171267#comment-15171267 ] James Peach commented on MESOS-4757: I think this is a problematic approach. Switching credentials