You are viewing a plain text version of this content. The canonical link for it is here.

Posted to yarn-issues@hadoop.apache.org by "Zhaohui Xin (JIRA)" <ji...@apache.org> on 2018/11/30 07:43:00 UTC

[jira] [Assigned] (YARN-7904) Privileged, trusted containers need all of their bind-mounted directories to be read-only

     [ https://issues.apache.org/jira/browse/YARN-7904?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Zhaohui Xin reassigned YARN-7904:
---------------------------------

    Assignee: Zhaohui Xin

> Privileged, trusted containers need all of their bind-mounted directories to be read-only
> -----------------------------------------------------------------------------------------
>
>                 Key: YARN-7904
>                 URL: https://issues.apache.org/jira/browse/YARN-7904
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Eric Badger
>            Assignee: Zhaohui Xin
>            Priority: Major
>              Labels: Docker
>
> Since they will be running as some other user than themselves, the NM likely won't be able to clean up after them because of permissions issues. So, to prevent this, we should make these directories read-only.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org