From ae018d9bc900d6355dea4af05119b49c67945184 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Mon, 22 Apr 2013 23:10:13 -0300 Subject: cgroup: make sure all our cgroup objects have a suffix and are properly escaped Session objects will now get the .session suffix, user objects the .user suffix, nspawn containers the .nspawn suffix. This also changes the user cgroups to be named after the numeric UID rather than the username, since this allows us the parse these paths standalone without requiring access to the cgroup file system. This also changes the mapping of instanced units to cgroups. Instead of mapping foo@bar.service to the cgroup path /user/foo@.service/bar we will now map it to /user/foo@.service/foo@bar.service, in order to ensure that all our objects are properly suffixed in the tree. --- src/nspawn/nspawn.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) (limited to 'src/nspawn') diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 1e7df38c16..7b41571034 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -1212,7 +1212,7 @@ finish: int main(int argc, char *argv[]) { pid_t pid = 0; int r = EXIT_FAILURE, k; - _cleanup_free_ char *machine_root = NULL, *newcg = NULL; + _cleanup_free_ char *machine_root = NULL, *name = NULL, *escaped = NULL, *newcg = NULL; _cleanup_close_ int master = -1; int n_fd_passed; const char *console = NULL; @@ -1298,9 +1298,21 @@ int main(int argc, char *argv[]) { goto finish; } - newcg = strjoin(machine_root, "/", arg_machine, ".nspawn", NULL); + name = strappend(arg_machine, ".nspawn"); + if (!name) { + log_oom(); + goto finish; + } + + escaped = cg_escape(name); + if (!escaped) { + log_oom(); + goto finish; + } + + newcg = strjoin(machine_root, "/", escaped, NULL); if (!newcg) { - log_error("Failed to allocate cgroup path."); + log_oom(); goto finish; } -- cgit v1.2.3-54-g00ecf