diff options
| -rw-r--r-- | src/nspawn/nspawn-cgroup.c | 27 |
1 files changed, 15 insertions, 12 deletions
diff --git a/src/nspawn/nspawn-cgroup.c b/src/nspawn/nspawn-cgroup.c index e939232b9e..df0044990a 100644 --- a/src/nspawn/nspawn-cgroup.c +++ b/src/nspawn/nspawn-cgroup.c @@ -80,7 +80,7 @@ static int chown_cgroup(pid_t pid, uid_t uid_shift) { static int sync_cgroup(pid_t pid, CGroupUnified outer_cgver, CGroupUnified inner_cgver, uid_t uid_shift) { _cleanup_free_ char *cgroup = NULL; - char tree[] = "/tmp/unifiedXXXXXX", pid_string[DECIMAL_STR_MAX(pid) + 1]; + char mountpoint[] = "/tmp/containerXXXXXX", pid_string[DECIMAL_STR_MAX(pid) + 1]; bool undo_mount = false; const char *fn; int r; @@ -101,15 +101,15 @@ static int sync_cgroup(pid_t pid, CGroupUnified outer_cgver, CGroupUnified inner if (r < 0) return log_error_errno(r, "Failed to get control group of " PID_FMT ": %m", pid); - /* In order to access the unified hierarchy we need to mount it */ - if (!mkdtemp(tree)) - return log_error_errno(errno, "Failed to generate temporary mount point for unified hierarchy: %m"); + /* In order to access the container's hierarchy we need to mount it */ + if (!mkdtemp(mountpoint)) + return log_error_errno(errno, "Failed to generate temporary mount point for container hierarchy: %m"); if (outer_cgver >= CGROUP_UNIFIED_SYSTEMD) { - r = mount_verbose(LOG_ERR, "cgroup", tree, "cgroup", + r = mount_verbose(LOG_ERR, "cgroup", mountpoint, "cgroup", MS_NOSUID|MS_NOEXEC|MS_NODEV, "none,name=systemd,xattr"); else - r = mount_verbose(LOG_ERR, "cgroup", tree, "cgroup2", + r = mount_verbose(LOG_ERR, "cgroup", mountpoint, "cgroup2", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL); if (r < 0) goto finish; @@ -119,10 +119,10 @@ static int sync_cgroup(pid_t pid, CGroupUnified outer_cgver, CGroupUnified inner /* If nspawn dies abruptly the cgroup hierarchy created below * its unit isn't cleaned up. So, let's remove it * https://github.com/systemd/systemd/pull/4223#issuecomment-252519810 */ - fn = strjoina(tree, cgroup); + fn = strjoina(mountpoint, cgroup); (void) rm_rf(fn, REMOVE_ROOT|REMOVE_ONLY_DIRECTORIES); - fn = strjoina(tree, cgroup, "/cgroup.procs"); + fn = strjoina(mountpoint, cgroup, "/cgroup.procs"); (void) mkdir_parents(fn, 0755); sprintf(pid_string, PID_FMT, pid); @@ -132,15 +132,15 @@ static int sync_cgroup(pid_t pid, CGroupUnified outer_cgver, CGroupUnified inner goto finish; } - fn = strjoina(tree, cgroup); + fn = strjoina(mountpoint, cgroup); r = chown_cgroup_path(fn, uid_shift); if (r < 0) log_error_errno(r, "Failed to chown() cgroup %s: %m", fn); finish: if (undo_mount) - (void) umount_verbose(tree); + (void) umount_verbose(mountpoint); - (void) rmdir(tree); + (void) rmdir(mountpoint); return r; } @@ -230,7 +230,7 @@ static int get_v1_hierarchies(Set *subsystems) { *e = 0; - if (STR_IN_SET(l, "", "name=systemd")) + if (streq(l, "")) continue; p = strdup(l); @@ -342,6 +342,9 @@ static int mount_legacy_cgns_supported( if (!hierarchy) break; + if (streq(hierarchy, "name=systemd")) + continue; + r = mount_legacy_cgroup_hierarchy("", hierarchy, hierarchy, inner_cgver, !userns); if (r < 0) return r; |