You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by Chun-Hung Hsiao <ch...@mesosphere.io> on 2017/05/03 23:12:17 UTC
Re: Review Request 56889: Added setting volume mode and ownership in
LinuxFilesystemIsolator.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56889/#review173846
-----------------------------------------------------------
src/tests/containerizer/linux_filesystem_isolator_tests.cpp
Lines 253 (patched)
<https://reviews.apache.org/r/56889/#comment246893>
We should check the mode of the "tmp" directory against the container directory, not "/tmp". Also, shouldn't we use a non-root test to test the ownership?
- Chun-Hung Hsiao
On Feb. 22, 2017, 10:58 a.m., Ilya Pronin wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/56889/
> -----------------------------------------------------------
>
> (Updated Feb. 22, 2017, 10:58 a.m.)
>
>
> Review request for mesos, Gilbert Song and Jie Yu.
>
>
> Bugs: MESOS-6563 and MESOS-7069
> https://issues.apache.org/jira/browse/MESOS-6563
> https://issues.apache.org/jira/browse/MESOS-7069
>
>
> Repository: mesos
>
>
> Description
> -------
>
> `LinuxFilesystemIsolator` now sets ownership and permissions of the newly created relative host path to match the absolute container path.
>
>
> Diffs
> -----
>
> src/slave/containerizer/mesos/isolators/filesystem/linux.cpp ae0031d8d8d6dfe0334b605fbb85e83de88ab436
> src/tests/containerizer/linux_filesystem_isolator_tests.cpp c27335731924509632ec96cc01a4b4415f108a30
>
>
> Diff: https://reviews.apache.org/r/56889/diff/1/
>
>
> Testing
> -------
>
> Added permissions and ownerchip check to `LinuxFilesystemIsolatorTest.ROOT_VolumeFromSandbox`. Ran `make check`.
>
>
> Thanks,
>
> Ilya Pronin
>
>
Re: Review Request 56889: Added setting volume mode and ownership in
LinuxFilesystemIsolator.
Posted by Chun-Hung Hsiao <ch...@mesosphere.io>.
> On May 3, 2017, 11:12 p.m., Chun-Hung Hsiao wrote:
> > src/tests/containerizer/linux_filesystem_isolator_tests.cpp
> > Lines 253 (patched)
> > <https://reviews.apache.org/r/56889/diff/1/?file=1640924#file1640924line253>
> >
> > We should check the mode of the "tmp" directory against the container directory, not "/tmp". Also, shouldn't we use a non-root test to test the ownership?
>
> Chun-Hung Hsiao wrote:
> Sorry I mean a root test with a task executed by some other user. Not sure if we can do this in the unit test.
Oops. I misunderstood the ownership. I was thinking about chown/chmod to be the same as the sandbox.
- Chun-Hung
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56889/#review173846
-----------------------------------------------------------
On Feb. 22, 2017, 10:58 a.m., Ilya Pronin wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/56889/
> -----------------------------------------------------------
>
> (Updated Feb. 22, 2017, 10:58 a.m.)
>
>
> Review request for mesos, Gilbert Song and Jie Yu.
>
>
> Bugs: MESOS-6563 and MESOS-7069
> https://issues.apache.org/jira/browse/MESOS-6563
> https://issues.apache.org/jira/browse/MESOS-7069
>
>
> Repository: mesos
>
>
> Description
> -------
>
> `LinuxFilesystemIsolator` now sets ownership and permissions of the newly created relative host path to match the absolute container path.
>
>
> Diffs
> -----
>
> src/slave/containerizer/mesos/isolators/filesystem/linux.cpp ae0031d8d8d6dfe0334b605fbb85e83de88ab436
> src/tests/containerizer/linux_filesystem_isolator_tests.cpp c27335731924509632ec96cc01a4b4415f108a30
>
>
> Diff: https://reviews.apache.org/r/56889/diff/1/
>
>
> Testing
> -------
>
> Added permissions and ownerchip check to `LinuxFilesystemIsolatorTest.ROOT_VolumeFromSandbox`. Ran `make check`.
>
>
> Thanks,
>
> Ilya Pronin
>
>
Re: Review Request 56889: Added setting volume mode and ownership in
LinuxFilesystemIsolator.
Posted by Chun-Hung Hsiao <ch...@mesosphere.io>.
> On May 3, 2017, 11:12 p.m., Chun-Hung Hsiao wrote:
> > src/tests/containerizer/linux_filesystem_isolator_tests.cpp
> > Lines 253 (patched)
> > <https://reviews.apache.org/r/56889/diff/1/?file=1640924#file1640924line253>
> >
> > We should check the mode of the "tmp" directory against the container directory, not "/tmp". Also, shouldn't we use a non-root test to test the ownership?
Sorry I mean a root test with a task executed by some other user. Not sure if we can do this in the unit test.
- Chun-Hung
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56889/#review173846
-----------------------------------------------------------
On Feb. 22, 2017, 10:58 a.m., Ilya Pronin wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/56889/
> -----------------------------------------------------------
>
> (Updated Feb. 22, 2017, 10:58 a.m.)
>
>
> Review request for mesos, Gilbert Song and Jie Yu.
>
>
> Bugs: MESOS-6563 and MESOS-7069
> https://issues.apache.org/jira/browse/MESOS-6563
> https://issues.apache.org/jira/browse/MESOS-7069
>
>
> Repository: mesos
>
>
> Description
> -------
>
> `LinuxFilesystemIsolator` now sets ownership and permissions of the newly created relative host path to match the absolute container path.
>
>
> Diffs
> -----
>
> src/slave/containerizer/mesos/isolators/filesystem/linux.cpp ae0031d8d8d6dfe0334b605fbb85e83de88ab436
> src/tests/containerizer/linux_filesystem_isolator_tests.cpp c27335731924509632ec96cc01a4b4415f108a30
>
>
> Diff: https://reviews.apache.org/r/56889/diff/1/
>
>
> Testing
> -------
>
> Added permissions and ownerchip check to `LinuxFilesystemIsolatorTest.ROOT_VolumeFromSandbox`. Ran `make check`.
>
>
> Thanks,
>
> Ilya Pronin
>
>