[
https://issues.apache.org/jira/browse/MESOS-9693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16806041#comment-16806041
]
Qian Zhang commented on MESOS-9693:
-----------------------------------
{quote}1. if seccomp is not enabled, we should return failure if any fw specify
seccompInfo and return appropriate status update.
{quote}
This seems not consistent with the behavior of other isolators. Currently proto
fields will just be ignored if the related isolator is not enabled, e.g.,
`ContainerInfo.linux_info.share_pid_namespace` will be ignored if
`namespaces/pid` isolator is not enabled, `ContainerInfo.rlimit_info` will be
ignored if `posix/rlimits` isolator is not enabled. I think that is the correct
behavior. It is operator’s responsibility to enable the related isolator if
he/she wants a feature enforced.
> Add master validation for SeccompInfo.
> --------------------------------------
>
> Key: MESOS-9693
> URL: https://issues.apache.org/jira/browse/MESOS-9693
> Project: Mesos
> Issue Type: Task
> Reporter: Gilbert Song
> Assignee: Andrei Budnik
> Priority: Major
>
> 1. if seccomp is not enabled, we should return failure if any fw specify
> seccompInfo and return appropriate status update.
> 2. at most one field of profile_name and unconfined should be set. better to
> validate in master
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
