You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "James Peach (JIRA)" <ji...@apache.org> on 2018/02/06 00:55:00 UTC

[jira] [Created] (MESOS-8547) Mount devpts with compatible defaults.

James Peach created MESOS-8547:
----------------------------------

             Summary: Mount devpts with compatible defaults.
                 Key: MESOS-8547
                 URL: https://issues.apache.org/jira/browse/MESOS-8547
             Project: Mesos
          Issue Type: Bug
          Components: containerization
            Reporter: James Peach
            Assignee: James Peach


The Mesos containerizer mounts {{devpts}} with the following options:

{noformat}
newinstance,ptmxmode=0666
{noformat}

Some versions of glibc (e.g. [2.17|https://github.com/bminor/glibc/blob/glibc-2.17/sysdeps/unix/grantpt.c#L158] from CentOS 7) are hard-coded to expect that terminal devices are owned by the {{tty}} group, so this causes containers that allocate TTYs to expect to have to chown the TTY (see grantpt code in glibc).

Docker uses the following {{devpts}} default:
{noformat}
Options:     []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620", "gid=5"},
{noformat}

I can think of a number of options

# hard-code the "gid=5" option
# look up the "tty" group from the host
# propagate the devpts mount options from the host
# look up the "tty" group from the container
# make it the operator's problem (i.e. add configuration)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)