proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-07-24 22:28:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

cgmanager: have root escape to root cgroup before starting

Browse Source 
If a user in cgroup /a/b/c does 'lxc-start -n u1', then u1
should be started under /a/b/c/u1.  However if he does
'sudo lxc-start -n u1', then that cgroup shoudl start under
/lxc/u1.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This commit is contained in:
Serge Hallyn 2014-02-03 15:11:16 -06:00 committed by Stéphane Graber
parent c08a0b7c4e
commit 04cb990db5
1 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/lxc/cgmanager.c
View File

@ -171,6 +171,25 @@ static bool lxc_cgmanager_create(const char *controller, const char *cgroup_path
return true;
}
static bool lxc_cgmanager_escape(void)
{
pid_t me = getpid();
int i;
for (i = 0; i < nr_subsystems; i++) {
if (cgmanager_move_pid_abs_sync(NULL, cgroup_manager,
subsystems[i], "/", me) != 0) {
NihError *nerr;
nerr = nih_error_get();
ERROR("call to cgmanager_move_pid_abs_sync(%s) failed: %s",
subsystems[i], nerr->message);
nih_free(nerr);
return false;
}
}
return true;
}
struct chown_data {
const char *controller;
const char *cgroup_path;
@ -589,7 +608,12 @@ out_free:
static inline bool cgm_init(struct lxc_handler *handler)
{
return collect_subsytems();
if (!collect_subsytems())
return false;
if (geteuid())
return true;
// root; try to escape to root cgroup
return lxc_cgmanager_escape();
}
static bool cgm_unfreeze_fromhandler(struct lxc_handler *handler)