You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@mesos.apache.org by ji...@apache.org on 2016/07/26 21:14:16 UTC

mesos git commit: Updated pre exec commands as non-shell in docker volume isolator.

Repository: mesos
Updated Branches:
  refs/heads/master 922cdc795 -> 52e3fb82d


Updated pre exec commands as non-shell in docker volume isolator.

By adding apostrophes to mount 'source' and 'target', arbitraty commands
defined by users postfixed to 'container_path' will take no effect.
'mount' command will return an error for invalid mount 'target'.

Review: https://reviews.apache.org/r/50215/


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/52e3fb82
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/52e3fb82
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/52e3fb82

Branch: refs/heads/master
Commit: 52e3fb82d092fb6c030c440a8fe8c4495482500f
Parents: 922cdc7
Author: Gilbert Song <so...@gmail.com>
Authored: Tue Jul 26 14:11:20 2016 -0700
Committer: Jie Yu <yu...@gmail.com>
Committed: Tue Jul 26 14:14:00 2016 -0700

----------------------------------------------------------------------
 src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/52e3fb82/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
----------------------------------------------------------------------
diff --git a/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp b/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
index 96806a7..70ea5ca 100644
--- a/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
+++ b/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
@@ -491,7 +491,7 @@ Future<Option<ContainerLaunchInfo>> DockerVolumeIsolatorProcess::_prepare(
     LOG(INFO) << "Mounting docker volume mount point '" << source
               << "' to '" << target  << "' for container " << containerId;
 
-    const string command = "mount -n --rbind " + source + " " + target;
+    const string command = "mount -n --rbind '" + source + "' '" + target + "'";
 
     launchInfo.add_pre_exec_commands()->set_value(command);
   }