You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by al...@apache.org on 2017/03/13 18:16:12 UTC
[5/7] mesos git commit: Introduced changes to the authz protos needed
for RemoveNestedContainer.
Introduced changes to the authz protos needed for RemoveNestedContainer.
Review: https://reviews.apache.org/r/57386/
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/81a5fbdc
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/81a5fbdc
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/81a5fbdc
Branch: refs/heads/master
Commit: 81a5fbdc2fc7b3c66a5cdd950c4a27cc81784181
Parents: c196389
Author: Gast�n Kleiman <ga...@mesosphere.io>
Authored: Mon Mar 13 18:22:47 2017 +0100
Committer: Alexander Rukletsov <al...@apache.org>
Committed: Mon Mar 13 19:15:40 2017 +0100
----------------------------------------------------------------------
include/mesos/authorizer/acls.proto | 12 ++++++++++++
include/mesos/authorizer/authorizer.proto | 3 +++
2 files changed, 15 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mesos/blob/81a5fbdc/include/mesos/authorizer/acls.proto
----------------------------------------------------------------------
diff --git a/include/mesos/authorizer/acls.proto b/include/mesos/authorizer/acls.proto
index 8389917..e75e187 100644
--- a/include/mesos/authorizer/acls.proto
+++ b/include/mesos/authorizer/acls.proto
@@ -359,6 +359,17 @@ message ACL {
required Entity users = 2;
}
+ // Which principals are authorized to remove a nested container under a top
+ // level container whose executor was launched with the given user.
+ message RemoveNestedContainer {
+ // Subjects: HTTP Username.
+ required Entity principals = 1;
+
+ // Objects: The list of operating system users (e.g., linux users) whose
+ // nested containers can be removed.
+ required Entity users = 2;
+ }
+
// Which principals are authorized to change the log level of the
// master/agent.
message SetLogLevel {
@@ -426,6 +437,7 @@ message ACLs {
launch_nested_containers_under_parent_with_user = 24;
repeated ACL.KillNestedContainer kill_nested_containers = 25;
repeated ACL.WaitNestedContainer wait_nested_containers = 26;
+ repeated ACL.RemoveNestedContainer remove_nested_containers = 33;
repeated ACL.LaunchNestedContainerSessionAsUser
launch_nested_container_sessions_as_user = 27;
repeated ACL.LaunchNestedContainerSessionUnderParentWithUser
http://git-wip-us.apache.org/repos/asf/mesos/blob/81a5fbdc/include/mesos/authorizer/authorizer.proto
----------------------------------------------------------------------
diff --git a/include/mesos/authorizer/authorizer.proto b/include/mesos/authorizer/authorizer.proto
index fdc4817..617bf6e 100644
--- a/include/mesos/authorizer/authorizer.proto
+++ b/include/mesos/authorizer/authorizer.proto
@@ -170,6 +170,9 @@ enum Action {
// This action will set objects of type `ExecutorInfo` and `FrameworkInfo`.
WAIT_NESTED_CONTAINER = 21;
+ // This action will set objects of type `ExecutorInfo` and `FrameworkInfo`.
+ REMOVE_NESTED_CONTAINER = 27;
+
// This action will always set the `ExecutorInfo`, `FrameworkInfo` fields
// and optionally a `CommandInfo` if available.
LAUNCH_NESTED_CONTAINER_SESSION = 22;