You are viewing a plain text version of this content. The canonical link for it is here.
Posted to yarn-issues@hadoop.apache.org by "Suma Shivaprasad (JIRA)" <ji...@apache.org> on 2019/03/01 19:05:00 UTC
[jira] [Updated] (YARN-7904) Privileged, trusted containers should
be supported only in ENTRYPOINT mode
[ https://issues.apache.org/jira/browse/YARN-7904?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Suma Shivaprasad updated YARN-7904:
-----------------------------------
Summary: Privileged, trusted containers should be supported only in ENTRYPOINT mode (was: Privileged, trusted containers need all of their bind-mounted directories to be read-only)
> Privileged, trusted containers should be supported only in ENTRYPOINT mode
> --------------------------------------------------------------------------
>
> Key: YARN-7904
> URL: https://issues.apache.org/jira/browse/YARN-7904
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Eric Badger
> Assignee: Eric Yang
> Priority: Major
> Labels: Docker
> Attachments: YARN-7904.001.patch, YARN-7904.004.patch, YARN-7904.005.patch, YARN-7904.006.patch, YARN-8805.002.patch, YARN-8805.003.patch
>
>
> Since they will be running as some other user than themselves, the NM likely won't be able to clean up after them because of permissions issues. So, to prevent this, we should make these directories read-only.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org