aurora-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stephan Erb <step...@dev.static-void.de>
Subject Re: Review Request 43027: Optionally enable setuid inside Docker containers
Date Sun, 31 Jan 2016 23:29:29 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43027/#review117162
-----------------------------------------------------------



With the new proposed option we'd get `--execute-as-user`, `--nosetuid`, and `--docker-setuid`.
The last two are basically doing the same thing. 

Would it make sense to resolve this by pushing things up the stack and allow cluster administrators
to provide an executor config per containerizer?

- Stephan Erb


On Jan. 31, 2016, 7:50 a.m., Benjamin Staffin wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43027/
> -----------------------------------------------------------
> 
> (Updated Jan. 31, 2016, 7:50 a.m.)
> 
> 
> Review request for Aurora.
> 
> 
> Bugs: AURORA-1237
>     https://issues.apache.org/jira/browse/AURORA-1237
> 
> 
> Repository: aurora
> 
> 
> Description
> -------
> 
> Adds a flag to enable the new behavior.  If enabled, also sets
> ownership of the sandbox directory appropriately.
> 
> 
> Diffs
> -----
> 
>   src/main/python/apache/aurora/executor/bin/thermos_executor_main.py f4f5cd77b6444c225ec960c7e2cf5349a80bd344

>   src/main/python/apache/aurora/executor/common/sandbox.py 4780232318ffdf8c6bbbe78bee518886cffd580a

>   src/main/python/apache/aurora/executor/thermos_task_runner.py 3896e3841562600379705dbf78a6f62728246348

> 
> Diff: https://reviews.apache.org/r/43027/diff/
> 
> 
> Testing
> -------
> 
> TBD
> 
> 
> Thanks,
> 
> Benjamin Staffin
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message