[MESOS-4757] Mesos containerizer should get uid/gids before pivot_root. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.0.0
Component/s: None
Labels:
None

Epic Link:
filesystem isolation
Sprint:
Mesosphere Sprint 29
Story Points:
3

Description

Currently, we call os::su(user) after pivot_root. This is problematic because /etc/passwd and /etc/group might be missing in container's root filesystem. We should instead, get the uid/gids before pivot_root, and call setuid/setgroups after pivot_root.

Attachments

Activity

People

Assignee:: Jie Yu

Reporter:: Jie Yu

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Dates

Created:: 24/Feb/16 18:47

Updated:: 10/Jul/17 19:33

Resolved:: 10/Jul/17 19:33