diff options
| author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2016-10-08 02:18:26 -0400 | 
|---|---|---|
| committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2016-10-08 14:48:41 -0400 | 
| commit | 0fd9563fdeff88458f1a533ac50445abc89e56d8 (patch) | |
| tree | 041ec4af9607926e804b24fda901707932899957 | |
| parent | 27e29a1e4390415e2d5b709f3d8c2d9481b50987 (diff) | |
nspawn: use mixed cgroup hierarchy only when container has new systemd
systemd-soon-to-be-released-232 is able to deal with the mixed hierarchy.
So make an educated guess, and use the mixed hierarchy in that case.
Tested by running the host with mixed hierarchy (i.e. simply using a recent
kernel with systemd from git), and booting first a container with older systemd,
and then one with a newer systemd.
Fixes #4008.
| -rw-r--r-- | src/nspawn/nspawn.c | 23 | 
1 files changed, 15 insertions, 8 deletions
| diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 12d6eab8be..a775d1ac4f 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -316,7 +316,7 @@ static int custom_mounts_prepare(void) {          return 0;  } -static int detect_unified_cgroup_hierarchy(void) { +static int detect_unified_cgroup_hierarchy(const char *directory) {          const char *e;          int r, all_unified, systemd_unified; @@ -344,9 +344,16 @@ static int detect_unified_cgroup_hierarchy(void) {          /* Otherwise inherit the default from the host system */          if (all_unified > 0)                  arg_unified_cgroup_hierarchy = CGROUP_UNIFIED_ALL; -        else if (systemd_unified > 0) -                arg_unified_cgroup_hierarchy = CGROUP_UNIFIED_SYSTEMD; -        else +        else if (systemd_unified > 0) { +                /* mixed cgroup hierarchy support was added in 232 */ +                r = systemd_installation_has_version(directory, 232); +                if (r < 0) +                        return log_error_errno(r, "Failed to determine systemd version in container: %m"); +                if (r > 0) +                        arg_unified_cgroup_hierarchy = CGROUP_UNIFIED_SYSTEMD; +                else +                        arg_unified_cgroup_hierarchy = CGROUP_UNIFIED_NONE; +        } else                  arg_unified_cgroup_hierarchy = CGROUP_UNIFIED_NONE;          return 0; @@ -1125,10 +1132,6 @@ static int parse_argv(int argc, char *argv[]) {          arg_caps_retain = (arg_caps_retain | plus | (arg_private_network ? 1ULL << CAP_NET_ADMIN : 0)) & ~minus; -        r = detect_unified_cgroup_hierarchy(); -        if (r < 0) -                return r; -          e = getenv("SYSTEMD_NSPAWN_CONTAINER_SERVICE");          if (e)                  arg_container_service_name = e; @@ -2970,6 +2973,10 @@ static int outer_child(          if (r < 0)                  return r; +        r = detect_unified_cgroup_hierarchy(directory); +        if (r < 0) +                return r; +          if (arg_userns_mode != USER_NAMESPACE_NO) {                  /* Let the parent know which UID shift we read from the image */                  l = send(uid_shift_socket, &arg_uid_shift, sizeof(arg_uid_shift), MSG_NOSIGNAL); | 
