You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by ji...@apache.org on 2016/07/27 00:11:47 UTC
[1/2] mesos git commit: Updated pre exec commands as non-shell in
docker volume isolator.
Repository: mesos
Updated Branches:
refs/heads/1.0.x c9b70582e -> 7e7759b5d
Updated pre exec commands as non-shell in docker volume isolator.
By adding apostrophes to mount 'source' and 'target', arbitraty commands
defined by users postfixed to 'container_path' will take no effect.
'mount' command will return an error for invalid mount 'target'.
Review: https://reviews.apache.org/r/50215/
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/dbd18fac
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/dbd18fac
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/dbd18fac
Branch: refs/heads/1.0.x
Commit: dbd18facf6212f7c54a7355ed490f1cc5ebd92d8
Parents: c9b7058
Author: Gilbert Song <so...@gmail.com>
Authored: Tue Jul 26 14:11:20 2016 -0700
Committer: Jie Yu <yu...@gmail.com>
Committed: Tue Jul 26 15:23:09 2016 -0700
----------------------------------------------------------------------
src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mesos/blob/dbd18fac/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
----------------------------------------------------------------------
diff --git a/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp b/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
index 96806a7..70ea5ca 100644
--- a/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
+++ b/src/slave/containerizer/mesos/isolators/docker/volume/isolator.cpp
@@ -491,7 +491,7 @@ Future<Option<ContainerLaunchInfo>> DockerVolumeIsolatorProcess::_prepare(
LOG(INFO) << "Mounting docker volume mount point '" << source
<< "' to '" << target << "' for container " << containerId;
- const string command = "mount -n --rbind " + source + " " + target;
+ const string command = "mount -n --rbind '" + source + "' '" + target + "'";
launchInfo.add_pre_exec_commands()->set_value(command);
}
[2/2] mesos git commit: Added MESOS-5388 to 1.0 CHANGELOG.
Posted by ji...@apache.org.
Added MESOS-5388 to 1.0 CHANGELOG.
Review: https://reviews.apache.org/r/50472/
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/7e7759b5
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/7e7759b5
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/7e7759b5
Branch: refs/heads/1.0.x
Commit: 7e7759b5d57aba81dffb51d6f9bd8c486c8c8ee9
Parents: dbd18fa
Author: Jie Yu <yu...@gmail.com>
Authored: Tue Jul 26 17:10:04 2016 -0700
Committer: Jie Yu <yu...@gmail.com>
Committed: Tue Jul 26 17:10:37 2016 -0700
----------------------------------------------------------------------
CHANGELOG | 1 +
1 file changed, 1 insertion(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mesos/blob/7e7759b5/CHANGELOG
----------------------------------------------------------------------
diff --git a/CHANGELOG b/CHANGELOG
index 54b5f31..5fa34c4 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -352,6 +352,7 @@ All Issues:
* [MESOS-5382] - Implement os::fsync
* [MESOS-5383] - Implement os::setHostname
* [MESOS-5386] - Add `HANDLE` overloads for functions that take a file descriptor
+ * [MESOS-5388] - MesosContainerizerLaunch flags execute arbitrary commands via shell
* [MESOS-5389] - docker containerizer should prefix relative volume.container_path values with the path to the sandbox.
* [MESOS-5390] - v1 Executor Protos not included in maven jar
* [MESOS-5397] - Slave/Agent Rename Phase 1: Update terms in the website