aurora-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benjamin Staffin <ben...@gmail.com>
Subject Re: Review Request 43027: Optionally enable setuid inside Docker containers
Date Mon, 01 Feb 2016 04:38:54 GMT


> On Jan. 31, 2016, 3:29 p.m., Stephan Erb wrote:
> > With the new proposed option we'd get `--execute-as-user`, `--nosetuid`, and `--docker-setuid`.
The last two are basically doing the same thing. 
> > 
> > Would it make sense to resolve this by pushing things up the stack and allow cluster
administrators to provide an executor config per containerizer?

The last two are doing the same thing, except that the existing behaviour has the docker runner
ignoring all setuid options and always running as root (or possibly as the user set in the
image def, if set).  I'm still trying to think up a better name for this new flag that doesn't
require renaming the existing ones and breaking compatibility.

What if we replaced all three of those with something like: `--setuid=[auto | off | always:<uid>][,nodocker]`

With the default set to `--setuid=auto,nodocker` for the current behaviour,

And perhaps aliases for the old flags during a deprecation period:
    `--execute-as-user=<uid>` aliased to `--setuid=always:<uid>,nodocker`
    `--nosetuid` aliased to `--setuid=off`

If we want to push this further up the stack as you suggest, what might that interface look
like?


- Benjamin


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43027/#review117162
-----------------------------------------------------------


On Jan. 30, 2016, 10:50 p.m., Benjamin Staffin wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43027/
> -----------------------------------------------------------
> 
> (Updated Jan. 30, 2016, 10:50 p.m.)
> 
> 
> Review request for Aurora.
> 
> 
> Bugs: AURORA-1237
>     https://issues.apache.org/jira/browse/AURORA-1237
> 
> 
> Repository: aurora
> 
> 
> Description
> -------
> 
> Adds a flag to enable the new behavior.  If enabled, also sets
> ownership of the sandbox directory appropriately.
> 
> 
> Diffs
> -----
> 
>   src/main/python/apache/aurora/executor/bin/thermos_executor_main.py f4f5cd77b6444c225ec960c7e2cf5349a80bd344

>   src/main/python/apache/aurora/executor/common/sandbox.py 4780232318ffdf8c6bbbe78bee518886cffd580a

>   src/main/python/apache/aurora/executor/thermos_task_runner.py 3896e3841562600379705dbf78a6f62728246348

> 
> Diff: https://reviews.apache.org/r/43027/diff/
> 
> 
> Testing
> -------
> 
> TBD
> 
> 
> Thanks,
> 
> Benjamin Staffin
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message