Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 26251200CD1 for ; Wed, 26 Jul 2017 19:04:08 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 24AA3167896; Wed, 26 Jul 2017 17:04:08 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 6AB38167870 for ; Wed, 26 Jul 2017 19:04:07 +0200 (CEST) Received: (qmail 43144 invoked by uid 500); 26 Jul 2017 17:04:06 -0000 Mailing-List: contact reviews-help@mesos.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: reviews@mesos.apache.org Delivered-To: mailing list reviews@mesos.apache.org Received: (qmail 43132 invoked by uid 99); 26 Jul 2017 17:04:06 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 26 Jul 2017 17:04:06 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id DC9B5C040F; Wed, 26 Jul 2017 17:04:05 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 3.199 X-Spam-Level: *** X-Spam-Status: No, score=3.199 tagged_above=-999 required=6.31 tests=[HTML_MESSAGE=2, KAM_LAZY_DOMAIN_SECURITY=1, KAM_MANYTO=0.2, RP_MATCHES_RCVD=-0.001] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id JR0cz9Np2aOV; Wed, 26 Jul 2017 17:04:04 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 8CBB25F5B5; Wed, 26 Jul 2017 17:04:04 +0000 (UTC) Received: from reviews.apache.org (unknown [10.41.0.12]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 35E85E00A2; Wed, 26 Jul 2017 17:04:04 +0000 (UTC) Received: from reviews-vm2.apache.org (localhost [IPv6:::1]) by reviews.apache.org (ASF Mail Server at reviews-vm2.apache.org) with ESMTP id 6FA88C4005C; Wed, 26 Jul 2017 17:04:02 +0000 (UTC) Content-Type: multipart/alternative; boundary="===============4504825818792871571==" MIME-Version: 1.0 Subject: Re: Review Request 61122: Fixed the host volume relative host path ownership. From: James Peach To: Jiang Yan Xu , Jie Yu , Stephan Erb , Vinod Kone , Ilya Pronin , James Peach Cc: Gilbert Song , mesos Date: Wed, 26 Jul 2017 17:04:02 -0000 Message-ID: <20170726170402.50051.45868@reviews-vm2.apache.org> X-ReviewBoard-URL: https://reviews.apache.org/ Auto-Submitted: auto-generated Sender: James Peach X-ReviewGroup: mesos X-Auto-Response-Suppress: DR, RN, OOF, AutoReply X-ReviewRequest-URL: https://reviews.apache.org/r/61122/ X-Sender: James Peach X-ReviewBoard-ShipIt: 1 References: <20170726064152.51161.5388@reviews-vm2.apache.org> In-Reply-To: <20170726064152.51161.5388@reviews-vm2.apache.org> Reply-To: James Peach X-ReviewRequest-Repository: mesos archived-at: Wed, 26 Jul 2017 17:04:08 -0000 --===============4504825818792871571== MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/61122/#review181468 ----------------------------------------------------------- Fix it, then Ship it! src/slave/containerizer/mesos/isolators/filesystem/linux.cpp Lines 440 (patched) We probably should expose a `os::stat::stat()`, but this should be: ``` return ErrnoError("Failed to stat ..."); ``` src/slave/containerizer/mesos/isolators/filesystem/linux.cpp Lines 509 (patched) Should this be `UID` and `GID`? - James Peach On July 26, 2017, 6:41 a.m., Gilbert Song wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/61122/ > ----------------------------------------------------------- > > (Updated July 26, 2017, 6:41 a.m.) > > > Review request for mesos, Ilya Pronin, Jie Yu, James Peach, Stephan Erb, Vinod Kone, and Jiang Yan Xu. > > > Bugs: MESOS-5187 > https://issues.apache.org/jira/browse/MESOS-5187 > > > Repository: mesos > > > Description > ------- > > This bugfix addresses the issue from MESOS-5178. Basically, the > host volume ownership was not set correctly. This issue can be > exposed if a framework user is non-root while the agent > process runs as root. Then, the non-root user does not have > permissions to write to this volume. > > The correct solution should be giving permissions to corresponding > users by leveraging supplementary groups. But we can still > introduce a workaround in this patch by changing the ownership > of this host volume to its sandbox's ownership. > > > Diffs > ----- > > src/slave/containerizer/mesos/isolators/filesystem/linux.cpp bf35b7f00d6e80672ffc27cfc3f3a2fd8de69a99 > > > Diff: https://reviews.apache.org/r/61122/diff/2/ > > > Testing > ------- > > make check > > > Thanks, > > Gilbert Song > > --===============4504825818792871571==--