[ https://issues.apache.org/jira/browse/MESOS-5856?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15544010#comment-15544010 ]
Joseph Wu edited comment on MESOS-5856 at 11/23/16 7:36 PM:
------------------------------------------------------------

| https://reviews.apache.org/r/52308/ | Add user flag to logger companion binary |
| https://reviews.apache.org/r/52310/ | Switch user in logger companion binary |
| https://reviews.apache.org/r/53473/ | Change ContainerLogger interface |
| https://reviews.apache.org/r/53699/ | Some tests |

was (Author: kaysoky):
| https://reviews.apache.org/r/52308/ | Add user flag to logger companion binary |
| https://reviews.apache.org/r/52309/ | Pass user from module to companion binary |
| https://reviews.apache.org/r/53473/ | Change ContainerLogger interface |
| https://reviews.apache.org/r/53699/ | Some tests |

> Logrotate ContainerLogger module does not rotate logs when run as root with
> `--switch_user`.
> --------------------------------------------------------------------------------------------
>
> Key: MESOS-5856
> URL: https://issues.apache.org/jira/browse/MESOS-5856
> Project: Mesos
> Issue Type: Bug
> Affects Versions: 0.27.0, 0.28.0, 1.0.0
> Reporter: Joseph Wu
> Assignee: Sivaram Kannan
> Priority: Critical
> Labels: logger, mesosphere, newbie
>
> The logrotate ContainerLogger module runs as the agent's user. In most
> cases, this is {{root}}.
> When {{logrotate}} is run as root, there is an additional check the
> configuration files must pass (because a root {{logrotate}} needs to be
> secured against non-root modifications to the configuration):
> https://github.com/logrotate/logrotate/blob/fe80cb51a2571ca35b1a7c8ba0695db5a68feaba/config.c#L807-L815
> Log rotation will fail under the following scenario:
> 1) The agent is run with {{--switch_user}} (default: true)
> 2) A task is launched with a non-root user specified
> 3) The logrotate module spawns a few companion processes (as root) and this
> creates the {{stdout}}, {{stderr}}, {{stdout.logrotate.conf}}, and
> {{stderr.logrotate.conf}} files (as root). This step races with the next
> step.
> 4) The Mesos containerizer and Fetcher will {{chown}} the task's sandbox to
> the non-root user. Including the files just created.
> 5) When {{logrotate}} is run, it will skip any non-root configuration files.
> This means the files are not rotated.
> ----
> Fix: The logrotate module's companion processes should call {{setuid}} and
> {{setgid}}.

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
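
The scenario in the ticket above, replayed as an added example (not code from Mesos or logrotate): a preflight check that tells an operator whether a given `*.logrotate.conf` would be skipped, and the same decision applied to steps 1-5 with and without the proposed fix. All function and enum names are hypothetical, and the check models only the ownership rule the ticket states, not logrotate's full validation.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>

enum conf_verdict {
    CONF_OK,            /* logrotate reads the configuration file */
    CONF_SKIPPED_OWNER, /* root logrotate, file owned by a non-root user */
    CONF_STAT_FAILED    /* the file's metadata could not be read */
};

/* Models only the rule stated in the ticket (an assumption about scope):
 * a logrotate running as root skips config files not owned by root. */
enum conf_verdict judge_conf(uid_t run_uid, uid_t owner_uid)
{
    return (run_uid == 0 && owner_uid != 0) ? CONF_SKIPPED_OWNER : CONF_OK;
}

/* Preflight check on a real file; run_uid is the uid logrotate will run as. */
enum conf_verdict check_conf(const char *path, uid_t run_uid)
{
    struct stat sb;
    if (stat(path, &sb) != 0)
        return CONF_STAT_FAILED;
    return judge_conf(run_uid, sb.st_uid);
}

/* Replays steps 1-5 for one task user. Without the fix the companion stays
 * root while the sandbox chown hands its config files to task_uid; with the
 * fix the companion has called setgid/setuid and runs as task_uid. */
enum conf_verdict scenario_verdict(uid_t task_uid, bool companion_drops_privs)
{
    uid_t owner_uid = task_uid;  /* ownership after the chown in step 4 */
    uid_t run_uid = companion_drops_privs ? task_uid : 0;
    return judge_conf(run_uid, owner_uid);
}

int main(int argc, char **argv)
{
    static const char *const text[] = { "ok", "skipped: not owned by root",
                                        "stat failed" };
    if (argc < 2) {
        fprintf(stderr, "usage: %s <path to *.logrotate.conf>\n", argv[0]);
        return 2;
    }
    enum conf_verdict v = check_conf(argv[1], 0); /* assume a root logrotate */
    printf("%s: %s\n", argv[1], text[v]);
    return v == CONF_OK ? 0 : 1;
}
```

Run against the `stdout.logrotate.conf` in a task sandbox, a non-zero exit status means a root-run logrotate would not rotate that stream.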