> On Jan. 5, 2018, 11:53 p.m., Ilya Pronin wrote:
> > src/slave/paths.hpp
> > Lines 404-405 (patched)
> > <https://reviews.apache.org/r/64630/diff/1/?file=1917889#file1917889line404>
> >
> > Again judging by other functions here. The convention seems to be that
> > the user provides a root dir path and a container ID for the function to
> > construct the directory path. So the function prototype would look like
> > this:
> > ```cpp
> > Try<std::string> createSandboxDirectory(
> >     const std::string& rootDir,
> >     const ContainerID& containerId,
> >     const Option<std::string>& user = None());
> > ```
The goal of this API is to centralize how to create a directory with "sandbox" semantics. We already have helpers that can be used to figure out what the sandbox path is, and I'd like to keep those concerns separate.

> On Jan. 5, 2018, 11:53 p.m., Ilya Pronin wrote:
> > src/slave/paths.cpp
> > Line 726 (original), 726 (patched)
> > <https://reviews.apache.org/r/64630/diff/1/?file=1917890#file1917890line726>
> >
> > Misleading naming. Maybe we can create a function like "create, set
> > mode and own" and call it from here and from `createSandboxDirectory()`?

Well, consistently applying the "create, set mode and own" is the whole purpose of `createSandboxDirectory`. I added a comment to clarify.

> On Jan. 5, 2018, 11:53 p.m., Ilya Pronin wrote:
> > src/slave/paths.cpp
> > Lines 763 (patched)
> > <https://reviews.apache.org/r/64630/diff/1/?file=1917890#file1917890line763>
> >
> > No error checking?

This can't fail since you just created the directory, but it doesn't hurt to add the check.

- James

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/64630/#review194915
-----------------------------------------------------------

On Dec. 15, 2017, 12:10 a.m., James Peach wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/64630/
> -----------------------------------------------------------
>
> (Updated Dec. 15, 2017, 12:10 a.m.)
>
>
> Review request for mesos, Andrew Schwartzmeyer, Ilya Pronin, Jie Yu, and
> Vinod Kone.
>
>
> Bugs: MESOS-8332
>     https://issues.apache.org/jira/browse/MESOS-8332
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Since task sandboxes can contain private data, we should not
> make them accessible to others by default.
> This changes all the
> places that create a task sandbox directory to use a helper API
> `slave::paths::createSandboxPath` that consistently deals with
> setting the directory mode and ownership.
>
> A number of tests depended on the previous behavior where
> failing to change the ownership was logged but did not cause
> a failure. Depending on the test, these were updated to either
> disable the agent `switch_user` flag, or to specify the current
> user in the task launch message.
>
>
> Diffs
> -----
>
>   src/slave/containerizer/mesos/containerizer.cpp 7ab0b07f689f872573ca458ae47cd6426ebc0365
>   src/slave/containerizer/mesos/paths.cpp 8a188a918873eef468a984b80f5ea7ebaa8fb923
>   src/slave/http.cpp ed22b9f6bfa1c480a0672ce25d364bba6e33a200
>   src/slave/paths.hpp 9cbacd8da62e7c7386dca7031fc09a46ae773161
>   src/slave/paths.cpp fca2a0eec2a75ed76028ea54dc992502275d4bce
>   src/tests/api_tests.cpp 86cbba4fab5e7a45298d17f3f2969391cc18be68
>   src/tests/master_allocator_tests.cpp 9bca27c7612b9ac4813f794bcc9ed38aeed078e5
>   src/tests/master_authorization_tests.cpp 676543a5ad1bb5d47011fc2a8b05dfaaeef18c64
>   src/tests/slave_authorization_tests.cpp 4ba0b8e96614a2df0daec576c08fe02462ccaa27
>
>
> Diff: https://reviews.apache.org/r/64630/diff/1/
>
>
> Testing
> -------
>
> make check (Fedora 27)
>
>
> Thanks,
>
> James Peach
>
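The "create, set mode and own" helper that the description and the review comments discuss, written out as an added stand-alone C++ example. This is not Mesos's own `createSandboxPath` / `createSandboxDirectory` code and does not use its `Try`/`Option` types; it assumes plain POSIX `mkdir`, `chmod`, `chown` and `stat`, the 0750 mode is this example's choice, and the `examplePath()` scratch location under `/tmp` is constructed for the demo. It shows the three points raised in the thread: every step is checked (including the final `stat` that "can't fail" but is cheap to verify), the mode is set explicitly rather than trusted to `mkdir`, and a failed ownership change is an error instead of a log line.

```cpp
// Added example, not Mesos code: a self-contained "create, set mode and own"
// helper with the error checking the review asked for. Assumes POSIX
// mkdir/chmod/chown/stat; the 0750 mode is this example's choice.
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#include <cerrno>
#include <cstdio>
#include <cstring>
#include <string>

struct SandboxResult {
  bool ok;
  std::string error;  // empty when ok
};

// Builds an error message from the failing step and errno.
static SandboxResult failed(const char* step, const std::string& path) {
  return SandboxResult{
      false, std::string(step) + " '" + path + "': " + std::strerror(errno)};
}

// Creates `path` as a sandbox directory: mode 0750, owned by uid/gid
// (pass (uid_t)-1 / (gid_t)-1 to leave the owner / group unchanged).
//   * mkdir must succeed: an existing path is rejected rather than re-owned,
//     so the helper never hands a pre-existing directory to another user.
//   * chmod is applied explicitly because mkdir's mode is masked by umask.
//   * a chown failure is an error, not just a log line, because the task
//     would otherwise run in a sandbox it does not own (or cannot write).
//   * the final stat confirms the mode that actually applied.
SandboxResult createSandboxDirectory(const std::string& path,
                                     uid_t uid, gid_t gid) {
  if (mkdir(path.c_str(), 0750) != 0) {
    return failed("mkdir", path);
  }
  if (chmod(path.c_str(), 0750) != 0) {
    return failed("chmod", path);
  }
  if (chown(path.c_str(), uid, gid) != 0) {
    return failed("chown", path);
  }
  struct stat st;
  if (stat(path.c_str(), &st) != 0) {
    return failed("stat", path);
  }
  if (!S_ISDIR(st.st_mode) || (st.st_mode & 07777) != 0750) {
    return SandboxResult{false, "unexpected mode on '" + path + "'"};
  }
  return SandboxResult{true, ""};
}

// Permission bits of `path`, or -1 if it cannot be stat'ed.
int directoryMode(const std::string& path) {
  struct stat st;
  if (stat(path.c_str(), &st) != 0) {
    return -1;
  }
  return static_cast<int>(st.st_mode & 07777);
}

// Per-process scratch path under /tmp used by the demo (constructed).
std::string examplePath() {
  return "/tmp/sandbox_example_" + std::to_string(getpid());
}

// Removes the scratch directory; true on success.
bool removeExamplePath() {
  return rmdir(examplePath().c_str()) == 0;
}

int main() {
  const std::string path = examplePath();
  // Own uid, group left unchanged: works without privileges. An agent that
  // switches users would pass the task user's uid/gid here and needs root.
  SandboxResult r = createSandboxDirectory(path, getuid(), (gid_t)-1);
  std::printf("create: %s %s\n", r.ok ? "ok" : "failed", r.error.c_str());
  std::printf("mode: %04o\n", directoryMode(path));
  // Creating it again is rejected (mkdir reports EEXIST).
  r = createSandboxDirectory(path, getuid(), (gid_t)-1);
  std::printf("second create: %s %s\n", r.ok ? "ok" : "failed", r.error.c_str());
  removeExamplePath();
  return 0;
}
```

Making the `chown` failure fatal is what changes the behaviour the description mentions: with the earlier "log and continue" handling, a misconfigured user (or a missing `switch_user` privilege) silently left the sandbox owned by the agent, which is exactly the situation the tests had to be adjusted for.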