[
https://issues.apache.org/jira/browse/MESOS-8257?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16810819#comment-16810819
]
Benno Evers commented on MESOS-8257:
------------------------------------
I removed the 1.8.0 target designation here and in the linked ticket since it
looks like there hasn't been any recent activity here, please feel free to
revert as you see fit.
> Unified Containerizer "leaks" a target container mount path to the host FS
> when the target resolves to an absolute path
> -----------------------------------------------------------------------------------------------------------------------
>
> Key: MESOS-8257
> URL: https://issues.apache.org/jira/browse/MESOS-8257
> Project: Mesos
> Issue Type: Bug
> Components: containerization
> Affects Versions: 1.3.1, 1.4.1, 1.5.0
> Reporter: Jason Lai
> Assignee: Jason Lai
> Priority: Critical
> Labels: bug, containerization, containerizer, mountpath
>
> If a target path under the root FS provisioned from an image resolves to an
> absolute path, it will not appear in the container root FS after
> {{pivot_root(2)}} is called.
> A typical example is that when the target path is under {{/var/run}} (e.g.
> {{/var/run/some-dir}}), which is usually a symlink to an absolute path of
> {{/run}} in Debian images, the target path will get resolved as and created
> at {{/run/some-dir}} in the host root FS, after the container root FS gets
> provisioned. The target path will get unmounted after {{pivot_root(2)}} as it
> is part of the old root (host FS).
> A workaround is to use {{/run}} instead of {{/var/run}}, but absolute
> symlinks need to be resolved within the scope of the container root FS path.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
