aurora-issues mailing list archives

From "Stephan Erb (JIRA)" <>
Subject [jira] [Commented] (AURORA-1909) Thermos Health Check fails for MesosContainerizer if `--nosetuid-health-checks` is set
Date Fri, 24 Mar 2017 09:42:42 GMT


Stephan Erb commented on AURORA-1909:

Regardless of the bug itself, I am wondering why you are using the {{nosetuid_health_checks}}
option. It sounds like a very severe security risk to me if you allow arbitrary users to run
their health checks as root. This might be acceptable in the DockerContainerizer which (as
far as I know) uses user namespaces, but this is not the case for the MesosContainerizer.

> Thermos Health Check fails for MesosContainerizer if `--nosetuid-health-checks` is set
> --------------------------------------------------------------------------------------
>                 Key: AURORA-1909
>                 URL:
>             Project: Aurora
>          Issue Type: Bug
>          Components: Executor
>            Reporter: Charles Raimbert
>            Assignee: Charles Raimbert
>              Labels: easyfix
> With MesosContainerizer, the sandbox is of type FileSystemImageSandbox and the health
> check is performed using a "mesos-containerizer launch" process, but there is actually a code
> bug in the way of getting the user under which to run the health check process:
> {code}
> health_check_user = (os.getusername() if self._nosetuid_health_checks
>             else assigned_task.task.job.role)
> {code}
> If the Aurora scheduler is configured with `--nosetuid-health-checks` then "os.getusername()"
> is executed, but the Python "os" module does not present a "getusername()" function.

This message was sent by Atlassian JIRA
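
Added example, not part of the original message and not Aurora's code: one way to resolve the health check user without the nonexistent `os.getusername()`, deriving the name from the effective UID and refusing to fall through to root, which is the risk raised in the comment above. The function names and the `allow_root` guard are hypothetical.

```python
import os
import pwd  # Unix-only, like the executor environment discussed here

# The call quoted in the issue cannot work: the os module has no such function.
OS_HAS_GETUSERNAME = hasattr(os, "getusername")  # False


def current_username(euid=None):
    """Account name for the effective UID of this process.

    getpass.getuser() is avoided deliberately: it consults LOGNAME/USER first,
    so the environment could misreport who the process really runs as.
    """
    euid = os.geteuid() if euid is None else euid
    try:
        return pwd.getpwuid(euid).pw_name
    except KeyError:
        # UID without a passwd entry (common inside containers).
        return str(euid)


def resolve_health_check_user(nosetuid_health_checks, role, euid=None,
                              allow_root=False):
    """Choose the user the health check process should run as.

    nosetuid_health_checks=False: run as the job role.
    nosetuid_health_checks=True: run as the executor's own user, refusing
    UID 0 unless allow_root is set (hypothetical guard, not an Aurora option).
    """
    if not nosetuid_health_checks:
        return role
    euid = os.geteuid() if euid is None else euid
    if euid == 0 and not allow_root:
        raise PermissionError("health check would run as root; refusing")
    return current_username(euid)


if __name__ == "__main__":
    print("os.getusername exists:", OS_HAS_GETUSERNAME)
    print("setuid path:", resolve_health_check_user(False, "www-data"))
    try:
        print("nosetuid path:", resolve_health_check_user(True, "www-data"))
    except PermissionError as exc:
        print("nosetuid path blocked:", exc)
```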
