You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "James Peach (JIRA)" <ji...@apache.org> on 2018/02/06 00:55:00 UTC
[jira] [Created] (MESOS-8547) Mount devpts with compatible
defaults.
James Peach created MESOS-8547:
----------------------------------
Summary: Mount devpts with compatible defaults.
Key: MESOS-8547
URL: https://issues.apache.org/jira/browse/MESOS-8547
Project: Mesos
Issue Type: Bug
Components: containerization
Reporter: James Peach
Assignee: James Peach
The Mesos containerizer mounts {{devpts}} with the following options:
{noformat}
newinstance,ptmxmode=0666
{noformat}
Some versions of glibc (e.g. [2.17|https://github.com/bminor/glibc/blob/glibc-2.17/sysdeps/unix/grantpt.c#L158] from CentOS 7) are hard-coded to expect that terminal devices are owned by the {{tty}} group, so this causes containers that allocate TTYs to expect to have to chown the TTY (see grantpt code in glibc).
Docker uses the following {{devpts}} default:
{noformat}
Options: []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620", "gid=5"},
{noformat}
I can think of a number of options
# hard-code the "gid=5" option
# look up the "tty" group from the host
# propagate the devpts mount options from the host
# look up the "tty" group from the container
# make it the operator's problem (i.e. add configuration)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)