summaryrefslogtreecommitdiff
path: root/src/test/test-nss.c
diff options
context:
space:
mode:
authorLuke Shumaker <lukeshu@lukeshu.com>2017-06-14 18:03:04 -0400
committerLuke Shumaker <lukeshu@lukeshu.com>2017-06-16 17:06:57 -0400
commit40d39b0ff8e3e5c9f148bcd820a6a570001a7182 (patch)
tree91eb87beffa8d42183e0b78c1c94841c63e8e851 /src/test/test-nss.c
parent1108b2858019c82f165fffa7eb19826d4f5a1b79 (diff)
nspawn: Be more robust when deciding to create subcgroups or chown cgroups
To demonstrate the breakage in the chown part: Be using an interactive terminal, go to spawn a shell in a container; using --register=no, and using userns. It will end up chown()ing the cgroup of your terminal session to the container! And you will be left with that after you quit the container! Similarly. the subcgroup bit will try create subcgroups for the parent and child even they share the cgroup with other processes (as they likely to if --register=no); and will find only partial success, leaving the cgroup with all controllers disabled. What we really care about is if the child process is alone in the cgroup, so we'll take a peek at cgroup.procs for that cgroup to find out.
Diffstat (limited to 'src/test/test-nss.c')
0 files changed, 0 insertions, 0 deletions