You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@mesos.apache.org by Greg Mann <gr...@mesosphere.io> on 2016/12/01 21:33:43 UTC

Re: Review Request 46228: Create persistent volume with a supplied user.


> On Nov. 15, 2016, 8 p.m., Greg Mann wrote:
> > src/slave/slave.cpp, lines 2848-2850
> > <https://reviews.apache.org/r/46228/diff/2/?file=1540382#file1540382line2848>
> >
> >     What's the rationale for including the sticky bit here? I wonder if the gain in security is worth the restriction?
> 
> Anindya Sinha wrote:
>     The sticky bit ensures that the tasks only deletes files owned by it. This is particularly true for shared volumes where multiple containers have access to the same volume simultaneously and we would not like a running task deleting content from the shared volume which is actually owned by another running task at the same point of time.
>     
>     Even for non-shared volumes, sticky bit can be enforced to disallow a task deleting content from the volume which is owned by a preceding task. A `DESTROY` of the volume is done using the user of mesos-slave process (typically root) which should be able to `rmdir()` the directory to reclaim the complete disk space.

OK sounds reasonable; I think this is something we should make explicit in the documentation. Are there any docs changes in flight for this feature?


- Greg


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46228/#review155952
-----------------------------------------------------------


On Nov. 20, 2016, 4:50 p.m., Anindya Sinha wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46228/
> -----------------------------------------------------------
> 
> (Updated Nov. 20, 2016, 4:50 p.m.)
> 
> 
> Review request for mesos, Greg Mann and Jiang Yan Xu.
> 
> 
> Bugs: MESOS-4893
>     https://issues.apache.org/jira/browse/MESOS-4893
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> If user is specified in Resource::DiskInfo::Persistence, set the
> ownership of the volume to that user. Tasks should have to comply to
> ownership of the volume before they can use the volume.
> If user is not specified in Resource::DiskInfo::Persistence, it is
> created with the user mesos-slave process runs as. When the first
> task is launched, it updates the ownership of the persistent volume
> with its user so as to be able to write into that volume.
> Note that tasks can fail to use the volume when they actually try
> to access the volume is that task's ownership is not compatible
> with that of the volume.
> 
> 
> Diffs
> -----
> 
>   src/common/resources.cpp 4bb9beffcb3509f4226b4985e05eccec01412d0f 
>   src/slave/containerizer/docker.cpp c2ed5240aab9ea9d1a386c44c94e5ae7e98d313c 
>   src/slave/containerizer/mesos/isolators/filesystem/linux.cpp 8f024d084189b59bb229c63d20108e7bfe42065f 
>   src/slave/containerizer/mesos/isolators/filesystem/posix.cpp 270d2aa6e06f323bfb6eee3b703a24a600a55871 
>   src/slave/slave.cpp 521f08d59cd78f9089d58cd3294f0ee4a099cd7f 
>   src/v1/resources.cpp 46cc00f2f453f5eb4ddc4b0b9b89be2bd89f05d9 
> 
> Diff: https://reviews.apache.org/r/46228/diff/
> 
> 
> Testing
> -------
> 
> All tests passed.
> 
> 
> Thanks,
> 
> Anindya Sinha
> 
>