proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-13 22:12:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

cgroup ns: move the check for whether cgns is supported

Browse Source 
We have to do it before we join the container's mntns so we have
the host's procdir.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
This commit is contained in:
Serge Hallyn 2016-01-28 17:40:06 +01:00
parent 6361a0f2dd
commit fe3c80afc6
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/lxc/attach.c
View File

@ -720,6 +720,7 @@ int lxc_attach(const char* name, const char* lxcpath, lxc_attach_exec_t exec_fun
int ipc_sockets[2];
int procfd;
signed long personality;
bool unshare_cgns = false;
if (!options)
options = &attach_static_default_options;
@ -930,6 +931,9 @@ int lxc_attach(const char* name, const char* lxcpath, lxc_attach_exec_t exec_fun
rexit(-1);
}
if (options->attach_flags & LXC_ATTACH_MOVE_TO_CGROUP && cgns_supported())
unshare_cgns = true;
procfd = open("/proc", O_DIRECTORY | O_RDONLY);
if (procfd < 0) {
SYSERROR("Unable to open /proc");
@ -957,11 +961,12 @@ int lxc_attach(const char* name, const char* lxcpath, lxc_attach_exec_t exec_fun
WARN("could not change directory to '%s'", new_cwd);
free(cwd);
if (options->attach_flags & LXC_ATTACH_MOVE_TO_CGROUP && cgns_supported()) {
if (unshare_cgns) {
if (unshare(CLONE_NEWCGROUP) != 0) {
SYSERROR("cgroupns unshare: permission denied");
rexit(-1);
}
INFO("Unshared cgroup namespace");
}
/* now create the real child process */