Return-Path: 
 <reviews-return-13415-apmail-aurora-reviews-archive=aurora.apache.org@aurora.apache.org>
X-Original-To: apmail-aurora-reviews-archive@minotaur.apache.org
Delivered-To: apmail-aurora-reviews-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 2ECBB188B9
	for <apmail-aurora-reviews-archive@minotaur.apache.org>;
 Mon,  1 Feb 2016 18:15:47 +0000 (UTC)
Received: (qmail 76289 invoked by uid 500); 1 Feb 2016 18:15:47 -0000
Delivered-To: apmail-aurora-reviews-archive@aurora.apache.org
Received: (qmail 76235 invoked by uid 500); 1 Feb 2016 18:15:47 -0000
Mailing-List: contact reviews-help@aurora.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:reviews-help@aurora.apache.org>
List-Unsubscribe: <mailto:reviews-unsubscribe@aurora.apache.org>
List-Post: <mailto:reviews@aurora.apache.org>
List-Id: <reviews.aurora.apache.org>
Reply-To: reviews@aurora.apache.org
Delivered-To: mailing list reviews@aurora.apache.org
Received: (qmail 76212 invoked by uid 99); 1 Feb 2016 18:15:46 -0000
Received: from reviews-vm.apache.org (HELO reviews.apache.org) (140.211.11.40)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 01 Feb 2016 18:15:46 +0000
Received: from reviews.apache.org (localhost [127.0.0.1])
	by reviews.apache.org (Postfix) with ESMTP id B7E8928A007;
	Mon,  1 Feb 2016 18:15:45 +0000 (UTC)
Content-Type: multipart/alternative;
 boundary="===============3390766705418707716=="
MIME-Version: 1.0
Subject: Re: Review Request 43027: Optionally enable setuid inside Docker
 containers
From: Stephan Erb <stephan@dev.static-void.de>
To: Aurora <reviews@aurora.apache.org>, Benjamin Staffin <benley@gmail.com>,
 Aurora ReviewBot <wfarner@apache.org>
Date: Mon, 01 Feb 2016 18:15:45 -0000
Message-ID: <20160201181545.30946.17436@reviews.apache.org>
X-ReviewBoard-URL: https://reviews.apache.org/
Auto-Submitted: auto-generated
Sender: Stephan Erb <noreply@reviews.apache.org>
X-ReviewGroup: Aurora
X-Auto-Response-Suppress: DR, RN, OOF, AutoReply
X-ReviewRequest-URL: https://reviews.apache.org/r/43027/
X-Sender: Stephan Erb <noreply@reviews.apache.org>
References: <20160131232929.30946.66468@reviews.apache.org>
In-Reply-To: <20160131232929.30946.66468@reviews.apache.org>
Reply-To: Stephan Erb <stephan@dev.static-void.de>
X-ReviewRequest-Repository: aurora

--===============3390766705418707716==
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit



> On Feb. 1, 2016, 12:29 a.m., Stephan Erb wrote:
> > With the new proposed option we'd get `--execute-as-user`, `--nosetuid`, and `--docker-setuid`. The last two are basically doing the same thing. 
> > 
> > Would it make sense to resolve this by pushing things up the stack and allow cluster administrators to provide an executor config per containerizer?
> 
> Benjamin Staffin wrote:
>     The last two are doing the same thing, except that the existing behaviour has the docker runner ignoring all setuid options and always running as root (or possibly as the user set in the image def, if set).  I'm still trying to think up a better name for this new flag that doesn't require renaming the existing ones and breaking compatibility.
>     
>     What if we replaced all three of those with something like: `--setuid=[auto | off | always:<uid>][,nodocker]`
>     
>     With the default set to `--setuid=auto,nodocker` for the current behaviour,
>     
>     And perhaps aliases for the old flags during a deprecation period:
>         `--execute-as-user=<uid>` aliased to `--setuid=always:<uid>,nodocker`
>         `--nosetuid` aliased to `--setuid=off`
>     
>     If we want to push this further up the stack as you suggest, what might that interface look like?

My idea was in the line of: When starting the the Aurora scheduler, I can provide a different thermos command line for Docker tasks than for ordinary Mesos tasks. 

But that will probably a more complex change than the one you have proposed here.


- Stephan


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/43027/#review117162
-----------------------------------------------------------


On Jan. 31, 2016, 7:50 a.m., Benjamin Staffin wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/43027/
> -----------------------------------------------------------
> 
> (Updated Jan. 31, 2016, 7:50 a.m.)
> 
> 
> Review request for Aurora.
> 
> 
> Bugs: AURORA-1237
>     https://issues.apache.org/jira/browse/AURORA-1237
> 
> 
> Repository: aurora
> 
> 
> Description
> -------
> 
> Adds a flag to enable the new behavior.  If enabled, also sets
> ownership of the sandbox directory appropriately.
> 
> 
> Diffs
> -----
> 
>   src/main/python/apache/aurora/executor/bin/thermos_executor_main.py f4f5cd77b6444c225ec960c7e2cf5349a80bd344 
>   src/main/python/apache/aurora/executor/common/sandbox.py 4780232318ffdf8c6bbbe78bee518886cffd580a 
>   src/main/python/apache/aurora/executor/thermos_task_runner.py 3896e3841562600379705dbf78a6f62728246348 
> 
> Diff: https://reviews.apache.org/r/43027/diff/
> 
> 
> Testing
> -------
> 
> TBD
> 
> 
> Thanks,
> 
> Benjamin Staffin
> 
>


--===============3390766705418707716==--