[
https://issues.apache.org/jira/browse/YARN-7904?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16781002#comment-16781002
]
Suma Shivaprasad commented on YARN-7904:
----------------------------------------
+1. Will commit this by EOD if there are no objections
> Privileged, trusted containers need all of their bind-mounted directories to
> be read-only
> -----------------------------------------------------------------------------------------
>
> Key: YARN-7904
> URL: https://issues.apache.org/jira/browse/YARN-7904
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Eric Badger
> Assignee: Eric Yang
> Priority: Major
> Labels: Docker
> Attachments: YARN-7904.001.patch, YARN-7904.004.patch,
> YARN-7904.005.patch, YARN-7904.006.patch, YARN-8805.002.patch,
> YARN-8805.003.patch
>
>
> Since they will be running as some other user than themselves, the NM likely
> won't be able to clean up after them because of permissions issues. So, to
> prevent this, we should make these directories read-only.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
