> On July 25, 2017, 4:26 p.m., Jie Yu wrote: > > src/slave/containerizer/mesos/isolators/filesystem/linux.cpp > > Line 487 (original), 498 (patched) > > <https://reviews.apache.org/r/61122/diff/1/?file=1782380#file1782380line498> > > > > This is sandbox volume, not host volume. Let's change the commit title > > as well. > > Gilbert Song wrote: > I regard a `host_path` 1)absolute and 2)relative both as `host volume`. > Otherwise, people will get confused by `sandbox volume` vs `sandbox path > volume`. Shouldn't we define the name by `type`?
Fixed it in favor of refactor host-path to the sandbox volume in near term. - Gilbert ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/61122/#review181403 ----------------------------------------------------------- On July 25, 2017, 11:41 p.m., Gilbert Song wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/61122/ > ----------------------------------------------------------- > > (Updated July 25, 2017, 11:41 p.m.) > > > Review request for mesos, Ilya Pronin, Jie Yu, James Peach, Stephan Erb, > Vinod Kone, and Jiang Yan Xu. > > > Bugs: MESOS-5187 > https://issues.apache.org/jira/browse/MESOS-5187 > > > Repository: mesos > > > Description > ------- > > This bugfix addresses the issue from MESOS-5178. Basically, the > host volume ownership was not set correctly. This issue can be > exposed if a framework user is non-root while the agent > process runs as root. Then, the non-root user does not have > permissions to write to this volume. > > The correct solution should be giving permissions to corresponding > users by leveraging supplementary groups. But we can still > introduce a workaround in this patch by changing the ownership > of this host volume to its sandbox's ownership. > > > Diffs > ----- > > src/slave/containerizer/mesos/isolators/filesystem/linux.cpp > bf35b7f00d6e80672ffc27cfc3f3a2fd8de69a99 > > > Diff: https://reviews.apache.org/r/61122/diff/2/ > > > Testing > ------- > > make check > > > Thanks, > > Gilbert Song > >
