首页 发现 帮助
注册 登录
apache
/
hadoop
镜像自地址 https://github.com/apache/hadoop.git
2
0
派生 1
文件 工单管理 0 Wiki
浏览代码

YARN-5394. Remove bind-mount /etc/passwd for Docker containers. Contributed by Zhankun Tang.

Varun Vasudev 8 年之前
父节点
82c9e06101
当前提交
522ddbde79
共有 2 个文件被更改,包括 1 次插入6 次删除
分列视图 显示文件统计
  1. 1 2
      hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java
  2. 0 4
      hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/TestDockerContainerRuntime.java

+ 1 - 2
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java
查看文件 

@@ -343,8 +343,7 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
 
         .detachOnRun()
 
         .setContainerWorkDir(containerWorkDir.toString())
 
         .setNetworkType(network)
 
-        .setCapabilities(capabilities)
 
-        .addMountLocation("/etc/passwd", "/etc/password:ro");
 
+        .setCapabilities(capabilities);
 
     List<String> allDirs = new ArrayList<>(containerLocalDirs);
 
 
     allDirs.addAll(filecacheDirs);

+ 0 - 4
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/TestDockerContainerRuntime.java
查看文件 

@@ -276,7 +276,6 @@ public class TestDockerContainerRuntime {
 
         .append("--workdir=%3$s ")
 
         .append("--net=host ")
 
         .append(getExpectedTestCapabilitiesArgumentString())
 
-        .append("-v /etc/passwd:/etc/password:ro ")
 
         .append("-v %4$s:%4$s ")
 
         .append("-v %5$s:%5$s ")
 
         .append("-v %6$s:%6$s ")
 
@@ -382,7 +381,6 @@ public class TestDockerContainerRuntime {
 
             .append("--workdir=%3$s ")
 
             .append("--net=" + allowedNetwork + " ")
 
             .append(getExpectedTestCapabilitiesArgumentString())
 
-            .append("-v /etc/passwd:/etc/password:ro ")
 
             .append("-v %4$s:%4$s ").append("-v %5$s:%5$s ")
 
             .append("-v %6$s:%6$s ").append("-v %7$s:%7$s ")
 
             .append("-v %8$s:%8$s ").append("%9$s ")
 
@@ -437,7 +435,6 @@ public class TestDockerContainerRuntime {
 
             .append("--workdir=%3$s ")
 
             .append("--net=" + customNetwork1 + " ")
 
             .append(getExpectedTestCapabilitiesArgumentString())
 
-            .append("-v /etc/passwd:/etc/password:ro ")
 
             .append("-v %4$s:%4$s ").append("-v %5$s:%5$s ")
 
             .append("-v %6$s:%6$s ").append("-v %7$s:%7$s ")
 
             .append("-v %8$s:%8$s ").append("%9$s ")
 
@@ -474,7 +471,6 @@ public class TestDockerContainerRuntime {
 
             .append("--workdir=%3$s ")
 
             .append("--net=" + customNetwork2 + " ")
 
             .append(getExpectedTestCapabilitiesArgumentString())
 
-            .append("-v /etc/passwd:/etc/password:ro ")
 
             .append("-v %4$s:%4$s ").append("-v %5$s:%5$s ")
 
             .append("-v %6$s:%6$s ").append("-v %7$s:%7$s ")
 
             .append("-v %8$s:%8$s ").append("%9$s ")