Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-8257

Unified Containerizer "leaks" a target container mount path to the host FS when the target resolves to an absolute path

    XMLWordPrintableJSON

Details

    Description

      If a target path under the root FS provisioned from an image resolves to an absolute path, it will not appear in the container root FS after pivot_root(2) is called.

      A typical example is that when the target path is under /var/run (e.g. /var/run/some-dir), which is usually a symlink to an absolute path of /run in Debian images, the target path will get resolved as and created at /run/some-dir in the host root FS, after the container root FS gets provisioned. The target path will get unmounted after pivot_root(2) as it is part of the old root (host FS).

      A workaround is to use /run instead of /var/run, but absolute symlinks need to be resolved within the scope of the container root FS path.

      Attachments

        Issue Links

          blocks

          Bug - A problem which impairs or prevents the functions of the product. MESOS-6798 Volumes in `/dev/shm` overridden by mesos containerizer

          • Major - Major loss of function.
          • In Progress

          Activity

            People

              jasonlai Jason Lai
              jasonlai Jason Lai
              Jie Yu Jie Yu
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated: