[jira] [Commented] (MESOS-7069) The linux filesystem isolator should set mode and ownership for host volumes.
[ https://issues.apache.org/jira/browse/MESOS-7069?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16357316#comment-16357316 ] Ilya Pronin commented on MESOS-7069: [~jieyu] I believe this was fixed in https://reviews.apache.org/r/61122/. Closing this issue. > The linux filesystem isolator should set mode and ownership for host volumes. > - > > Key: MESOS-7069 > URL: https://issues.apache.org/jira/browse/MESOS-7069 > Project: Mesos > Issue Type: Bug > Components: containerization >Reporter: Gilbert Song >Assignee: Ilya Pronin >Priority: Major > Labels: filesystem, linux, volumes > > If the host path is a relative path, the linux filesystem isolator should set > the mode and ownership for this host volume since it allows non-root user to > write to the volume. Note that this is the case of sharing the host > fileysystem (without rootfs). -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MESOS-7069) The linux filesystem isolator should set mode and ownership for host volumes.
[ https://issues.apache.org/jira/browse/MESOS-7069?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16357272#comment-16357272 ] Jie Yu commented on MESOS-7069: --- [~ipronin] is this still an issue? Or we can close this one? > The linux filesystem isolator should set mode and ownership for host volumes. > - > > Key: MESOS-7069 > URL: https://issues.apache.org/jira/browse/MESOS-7069 > Project: Mesos > Issue Type: Bug > Components: containerization >Reporter: Gilbert Song >Assignee: Ilya Pronin >Priority: Major > Labels: filesystem, linux, volumes > > If the host path is a relative path, the linux filesystem isolator should set > the mode and ownership for this host volume since it allows non-root user to > write to the volume. Note that this is the case of sharing the host > fileysystem (without rootfs). -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MESOS-7069) The linux filesystem isolator should set mode and ownership for host volumes.
[ https://issues.apache.org/jira/browse/MESOS-7069?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16237741#comment-16237741 ] R.B. Boyer commented on MESOS-7069: --- Did 5187 make it into 1.2.2? If so then it's still broken and this ticket is relevant. > The linux filesystem isolator should set mode and ownership for host volumes. > - > > Key: MESOS-7069 > URL: https://issues.apache.org/jira/browse/MESOS-7069 > Project: Mesos > Issue Type: Bug > Components: containerization >Reporter: Gilbert Song >Assignee: Ilya Pronin >Priority: Major > Labels: filesystem, linux, volumes > > If the host path is a relative path, the linux filesystem isolator should set > the mode and ownership for this host volume since it allows non-root user to > write to the volume. Note that this is the case of sharing the host > fileysystem (without rootfs). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (MESOS-7069) The linux filesystem isolator should set mode and ownership for host volumes.
[ https://issues.apache.org/jira/browse/MESOS-7069?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16237560#comment-16237560 ] Julien Pepy commented on MESOS-7069: Hi, what is the status on this ticket? The review has been stalled for 6 months, and it looks to me that MESOS-5187 has fixed the issue. > The linux filesystem isolator should set mode and ownership for host volumes. > - > > Key: MESOS-7069 > URL: https://issues.apache.org/jira/browse/MESOS-7069 > Project: Mesos > Issue Type: Bug > Components: containerization >Reporter: Gilbert Song >Assignee: Ilya Pronin >Priority: Major > Labels: filesystem, linux, volumes > > If the host path is a relative path, the linux filesystem isolator should set > the mode and ownership for this host volume since it allows non-root user to > write to the volume. Note that this is the case of sharing the host > fileysystem (without rootfs). -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (MESOS-7069) The linux filesystem isolator should set mode and ownership for host volumes.
[ https://issues.apache.org/jira/browse/MESOS-7069?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15934909#comment-15934909 ] Pierre Cheynier commented on MESOS-7069: Sorry to be late testing that. About MESOS-7007, I observe the same behavior when using this patch. > The linux filesystem isolator should set mode and ownership for host volumes. > - > > Key: MESOS-7069 > URL: https://issues.apache.org/jira/browse/MESOS-7069 > Project: Mesos > Issue Type: Bug > Components: isolation >Reporter: Gilbert Song > Labels: filesystem, linux, volumes > > If the host path is a relative path, the linux filesystem isolator should set > the mode and ownership for this host volume since it allows non-root user to > write to the volume. Note that this is the case of sharing the host > fileysystem (without rootfs). -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (MESOS-7069) The linux filesystem isolator should set mode and ownership for host volumes.
[ https://issues.apache.org/jira/browse/MESOS-7069?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15877719#comment-15877719 ] Stephan Erb commented on MESOS-7069: Relevant patch: https://reviews.apache.org/r/56889/ > The linux filesystem isolator should set mode and ownership for host volumes. > - > > Key: MESOS-7069 > URL: https://issues.apache.org/jira/browse/MESOS-7069 > Project: Mesos > Issue Type: Bug > Components: isolation >Reporter: Gilbert Song > Labels: filesystem, linux, volumes > > If the host path is a relative path, the linux filesystem isolator should set > the mode and ownership for this host volume since it allows non-root user to > write to the volume. Note that this is the case of sharing the host > fileysystem (without rootfs). -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (MESOS-7069) The linux filesystem isolator should set mode and ownership for host volumes.
[
https://issues.apache.org/jira/browse/MESOS-7069?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15858086#comment-15858086
]
Pierre Cheynier commented on MESOS-7069:
Hi,
Not sure if I do a mistake, but doing the same with only {{filesystem/linux}}
rather than {{filesystem/linux,filesystem/shared}} I have different behavior in
1.1...
Basically, my volume configured via `--default_container_info` is now a bind
mount and not a pure mount (meaning that the /tmp use-case described is broken
in my case).
I'm using both containerized and not containerized tasks AND always set a user
to my tasks.
> The linux filesystem isolator should set mode and ownership for host volumes.
> -
>
> Key: MESOS-7069
> URL: https://issues.apache.org/jira/browse/MESOS-7069
> Project: Mesos
> Issue Type: Bug
> Components: isolation
>Reporter: Gilbert Song
> Labels: filesystem, linux, volumes
>
> If the host path is a relative path, the linux filesystem isolator should set
> the mode and ownership for this host volume since it allows non-root user to
> write to the volume. Note that this is the case of sharing the host
> fileysystem (without rootfs).
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Commented] (MESOS-7069) The linux filesystem isolator should set mode and ownership for host volumes.
[
https://issues.apache.org/jira/browse/MESOS-7069?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15858068#comment-15858068
]
Ilya Pronin commented on MESOS-7069:
Internally we added the same functionality that {{filesystem/shared}} isolator
had (described in [my comment in
MESOS-6563|https://issues.apache.org/jira/browse/MESOS-6563?focusedCommentId=15683941=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-15683941]).
This can be the first step.
Also {{Volume}} protobuf has the {{mode}} field. It can be used for setting
permissions on the mounted host directory.
> The linux filesystem isolator should set mode and ownership for host volumes.
> -
>
> Key: MESOS-7069
> URL: https://issues.apache.org/jira/browse/MESOS-7069
> Project: Mesos
> Issue Type: Bug
> Components: isolation
>Reporter: Gilbert Song
> Labels: filesystem, linux, volumes
>
> If the host path is a relative path, the linux filesystem isolator should set
> the mode and ownership for this host volume since it allows non-root user to
> write to the volume. Note that this is the case of sharing the host
> fileysystem (without rootfs).
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Commented] (MESOS-7069) The linux filesystem isolator should set mode and ownership for host volumes.
[ https://issues.apache.org/jira/browse/MESOS-7069?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15854672#comment-15854672 ] Gilbert Song commented on MESOS-7069: - /cc [~ipronin] [~jieyu] > The linux filesystem isolator should set mode and ownership for host volumes. > - > > Key: MESOS-7069 > URL: https://issues.apache.org/jira/browse/MESOS-7069 > Project: Mesos > Issue Type: Bug > Components: isolation >Reporter: Gilbert Song > Labels: filesystem, linux, volumes > > If the host path is a relative path, the linux filesystem isolator should set > the mode and ownership for this host volume since it allows non-root user to > write to the volume. Note that this is the case of sharing the host > fileysystem (without rootfs). -- This message was sent by Atlassian JIRA (v6.3.15#6346)
