Open erikerlandson opened 6 years ago
Note, altering the permissions of /opt/spark/work-dir appears to be sufficient, not all of $SPARK_HOME as I assumed originally when I wrote up #538
Tangentially, I fixed a missing &&
after mkdir -p /opt/spark/work-dir
- which makes me wonder what that RUN
complex was actually doing
@foxish ptal - also curious what you think about the missing &&
that was there
Do we need this to go into the upstream as well? https://github.com/apache/spark/pull/19717 has the spark-base docker-file within the PR.
I think for people looking to customize the image using ours as base, this might be an issue - to have the owner be root. I had a discussion on the thread with Mridul in https://github.com/apache/spark/pull/19717#discussion_r154834099. Assuming that it'll be root might be tenuous when someone uses PodSecurityPolicy
to enforce a certain user.
cc @liyinan926
What changes were proposed in this pull request?
make /opt/spark/work-dir writable by gid 0 to operate better in anonymous uid scenarios
(Please fill in changes proposed in this fix)
How was this patch tested?
I'm using CI infra to fully test image creation and exercising via the unit/integration tests