Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-6747

ContainerLogger runnable must not inherit the slave environment.

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 1.2.0
    • Fix Version/s: 1.2.0
    • Component/s: None
    • Labels:

      Description

      The ContainerLogger module which forks a child process named "mesos-logrotate-logger" does inherit the slave's environment. Specifically things like LIBPROCESS_SSL_.... variables are not meant to be picked up by that runnable and cause issues as soon as the owning user is not the same as the one owning the agent process.
      So if the agent has an SSL key setup via LIBPROCESS_SSL_KEY_FILE and if that key-file is readable by the agent user (root) only, then the mesos-logrotate-logger will try to read that file as well even though it is being run as nobody - that action will then fail the runnable and hence fail the entire task.

      Could not load key file '/my/funky/key/path/key.key' (OpenSSL error #33558541): error:0200100D:system library:fopen:Permission denied
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                tillt Till Toenshoff
                Reporter:
                tillt Till Toenshoff
                Shepherd:
                Joseph Wu
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: