From 19af675e99d32172b58f1c91c8281ba2efd5d863 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 4 Sep 2015 09:23:07 +0200 Subject: cgroups: delegation to unprivileged services is safe in the unified hierarchy Delegation to unpriviliged processes is safe in the unified hierarchy, hence allow it. This has the benefit of permitting "systemd --user" instances to further partition their resources between user services.
---
 src/core/cgroup.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)
(limited to 'src/core/cgroup.c')
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index 0a5a08aeba..9a025cf929 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -507,15 +507,20 @@ CGroupMask unit_get_own_mask(Unit *u) {
 return 0;
 /* If delegation is turned on, then turn on all cgroups,
- * unless the process we fork into it is known to drop
- * privileges anyway, and shouldn't get access to the
- * controllers anyway. */
+ * unless we are on the legacy hierarchy and the process we
+ * fork into it is known to drop privileges, and hence
+ * shouldn't get access to the controllers.
+ *
+ * Note that on the unified hierarchy it is safe to delegate
+ * controllers to unprivileged services. */
 if (c->delegate) {
 ExecContext *e;
 e = unit_get_exec_context(u);
- if (!e || exec_context_maintains_privileges(e))
+ if (!e ||
+ exec_context_maintains_privileges(e) ||
+ cg_unified() > 0)
 return _CGROUP_MASK_ALL;
 }
-- cgit v1.2.3-54-g00ecf
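Review bot: The new `cg_unified() > 0` term in the `if (c->delegate)` condition folds a failed hierarchy detection into the legacy case without saying so. Assuming cg_unified() returns a negative value on error (its definition is not shown here), that is the fail-closed outcome, since an unprivileged service then does not receive `_CGROUP_MASK_ALL`, but it deserves a comment such as `/* cg_unified() < 0 (detection failed) is treated like legacy: no delegation to unprivileged services */`. The rewritten block comment also asserts that delegation is safe on the unified hierarchy without naming the property it relies on; one sentence stating that invariant (presumably that a delegatee can only redistribute what its parent granted) would let a later reader re-check the claim if the kernel interface changes. unit_get_own_mask() starts before this hunk and continues past it, so the final return is not visible here.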