> On Jan. 31, 2016, 3:29 p.m., Stephan Erb wrote: > > With the new proposed option we'd get `--execute-as-user`, `--nosetuid`, > > and `--docker-setuid`. The last two are basically doing the same thing. > > > > Would it make sense to resolve this by pushing things up the stack and > > allow cluster administrators to provide an executor config per > > containerizer? > > Benjamin Staffin wrote: > The last two are doing the same thing, except that the existing behaviour > has the docker runner ignoring all setuid options and always running as root > (or possibly as the user set in the image def, if set). I'm still trying to > think up a better name for this new flag that doesn't require renaming the > existing ones and breaking compatibility. > > What if we replaced all three of those with something like: > `--setuid=[auto | off | always:<uid>][,nodocker]` > > With the default set to `--setuid=auto,nodocker` for the current > behaviour, > > And perhaps aliases for the old flags during a deprecation period: > `--execute-as-user=<uid>` aliased to `--setuid=always:<uid>,nodocker` > `--nosetuid` aliased to `--setuid=off` > > If we want to push this further up the stack as you suggest, what might > that interface look like? > > Stephan Erb wrote: > My idea was in the line of: When starting the the Aurora scheduler, I can > provide a different thermos command line for Docker tasks than for ordinary > Mesos tasks. > > But that will probably a more complex change than the one you have > proposed here.
I'll take a stab at implementing the --setuid=... approach tonight if that sounds sane enough for now. As far as I know it's the only place where the executor has inconsistent behavior between docker and not-docker, so in theory we won't need a bunch of special cases like this. - Benjamin ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/43027/#review117162 ----------------------------------------------------------- On Jan. 30, 2016, 10:50 p.m., Benjamin Staffin wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/43027/ > ----------------------------------------------------------- > > (Updated Jan. 30, 2016, 10:50 p.m.) > > > Review request for Aurora. > > > Bugs: AURORA-1237 > https://issues.apache.org/jira/browse/AURORA-1237 > > > Repository: aurora > > > Description > ------- > > Adds a flag to enable the new behavior. If enabled, also sets > ownership of the sandbox directory appropriately. > > > Diffs > ----- > > src/main/python/apache/aurora/executor/bin/thermos_executor_main.py > f4f5cd77b6444c225ec960c7e2cf5349a80bd344 > src/main/python/apache/aurora/executor/common/sandbox.py > 4780232318ffdf8c6bbbe78bee518886cffd580a > src/main/python/apache/aurora/executor/thermos_task_runner.py > 3896e3841562600379705dbf78a6f62728246348 > > Diff: https://reviews.apache.org/r/43027/diff/ > > > Testing > ------- > > TBD > > > Thanks, > > Benjamin Staffin > >