[libvirt] [PATCH v3] Ensure systemd cgroup ownership is delegated to container with userns
Martin Kletzander
mkletzan at redhat.com
Mon Feb 24 13:09:26 UTC 2014
On Mon, Feb 24, 2014 at 12:25:28PM +0000, Daniel P. Berrange wrote:
> From: Richard Weinberger <richard at nod.at>
>
> This function is needed for user namespaces, where we need to chmod()
> the cgroup to the initial uid/gid such that systemd is allowed to
> use the cgroup.
>
> Signed-off-by: Richard Weinberger <richard at nod.at>
> Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
>
> Changed in v3:
>
> - Centralized all error reporting
> - Use virReportSystemError not VIR_WARN/VIR_ERROR
>
> ---
> src/libvirt_private.syms | 1 +
> src/lxc/lxc_cgroup.c | 12 +++++++++
> src/util/vircgroup.c | 70 ++++++++++++++++++++++++++++++++++++++++++++++++
> src/util/vircgroup.h | 5 ++++
> 4 files changed, 88 insertions(+)
>
[...]
> diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c
> index a6d60c5..18c891c 100644
> --- a/src/util/vircgroup.c
> +++ b/src/util/vircgroup.c
> @@ -3253,6 +3253,76 @@ cleanup:
> }
>
>
> +int virCgroupSetOwner(virCgroupPtr cgroup,
> + uid_t uid,
> + gid_t gid,
> + int controllers)
> +{
> + int ret = -1;
> + size_t i;
> + char *base = NULL, *entry = NULL;
> + DIR *dh = NULL;
> +
> + for (i = 0; i < VIR_CGROUP_CONTROLLER_LAST; i++) {
> + struct dirent *de;
> +
> + if (!((1 << i) & controllers))
> + continue;
> +
> + if (!cgroup->controllers[i].mountPoint)
> + continue;
> +
> + if (virAsprintf(&base, "%s%s", cgroup->controllers[i].mountPoint,
> + cgroup->controllers[i].placement) < 0)
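Review bot: `base` is declared outside the `for` loop but assigned by virAsprintf() on every controller iteration, so each pass needs a VIR_FREE(base) before the next one (and on the error path) or the previous path string leaks; the quoted part stops before the point where that would be visible. Separately, the commit message says chmod() while the signature takes `uid_t uid` and `gid_t gid`, which reads as an ownership change, so the description should say chown(). The new exported function would also benefit from a doc comment stating that it hands the cgroup to the container's initial uid/gid under user namespaces and what the `controllers` bitmask selects.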
Indentation's off here, ACK with that fixed.
Martin