[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16484405#comment-16484405
]
Hudson commented on YARN-7960:
--
FAILURE: Integrated in Jenkins build Hadoop-trunk-Commit #14252 (See
[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16484385#comment-16484385
]
Eric Badger commented on YARN-7960:
---
Thanks [~eyang] for the review/commit!
> Add no-new-privileges flag
[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16483138#comment-16483138
]
Eric Yang commented on YARN-7960:
-
+1 looks good to me.
> Add no-new-privileges flag to docker run
>
[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16482548#comment-16482548
]
Eric Badger commented on YARN-7960:
---
Test doesn't fail for me locally and is in RM code, so it's
[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16481384#comment-16481384
]
genericqa commented on YARN-7960:
-
| (x) *{color:red}-1 overall{color}* |
\\
\\
|| Vote || Subsystem ||
[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16481175#comment-16481175
]
Eric Badger commented on YARN-7960:
---
Attaching patch 002 which uses a boolean to determine whether to
[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16477861#comment-16477861
]
Eric Yang commented on YARN-7960:
-
[~ebadger] You are right. Selinux presence is not a good indicator if
[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16476458#comment-16476458
]
Eric Badger commented on YARN-7960:
---
bq. Eric Badger Can we run sestatus to check instead of depending on
[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16476416#comment-16476416
]
Eric Yang commented on YARN-7960:
-
[~ebadger] Can we run sestatus to check instead of depending on config
[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16476403#comment-16476403
]
Eric Badger commented on YARN-7960:
---
[~eyang], that's a good point. Thanks for chiming in. I'd say that
[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16476373#comment-16476373
]
genericqa commented on YARN-7960:
-
| (/) *{color:green}+1 overall{color}* |
\\
\\
|| Vote || Subsystem ||
[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16476330#comment-16476330
]
Eric Yang commented on YARN-7960:
-
[~ebadger] no-new-privileges option will block [selinux
[
https://issues.apache.org/jira/browse/YARN-7960?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16476290#comment-16476290
]
Eric Badger commented on YARN-7960:
---
Attaching a patch that adds {{--security-opt=no-new-privileges}} for
13 matches
Mail list logo