From 3288ea8f32e6f4742c5ce5ffa260252f7da959cf Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 20 Nov 2019 17:42:02 +0100 Subject: [PATCH] core: set "trusted.delegate" xattr on cgroups that are delegation boundaries Let's mark cgroups that are delegation boundaries to us. This can then be used by tools such as "systemd-cgls" to show where the next manager takes over. --- src/core/cgroup.c | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/src/core/cgroup.c b/src/core/cgroup.c index b7718e19667..abcd057d6a3 100644 --- a/src/core/cgroup.c +++ b/src/core/cgroup.c @@ -617,15 +617,27 @@ static void cgroup_xattr_apply(Unit *u) { if (!MANAGER_IS_SYSTEM(u->manager)) return; - if (sd_id128_is_null(u->invocation_id)) - return; + if (!sd_id128_is_null(u->invocation_id)) { + r = cg_set_xattr(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, + "trusted.invocation_id", + sd_id128_to_string(u->invocation_id, ids), 32, + 0); + if (r < 0) + log_unit_debug_errno(u, r, "Failed to set invocation ID on control group %s, ignoring: %m", u->cgroup_path); + } - r = cg_set_xattr(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, - "trusted.invocation_id", - sd_id128_to_string(u->invocation_id, ids), 32, - 0); - if (r < 0) - log_unit_debug_errno(u, r, "Failed to set invocation ID on control group %s, ignoring: %m", u->cgroup_path); + if (unit_cgroup_delegate(u)) { + r = cg_set_xattr(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, + "trusted.delegate", + "1", 1, + 0); + if (r < 0) + log_unit_debug_errno(u, r, "Failed to set delegate flag on control group %s, ignoring: %m", u->cgroup_path); + } else { + r = cg_remove_xattr(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "trusted.delegate"); + if (r != -ENODATA) + log_unit_debug_errno(u, r, "Failed to remove delegate flag on control group %s, ignoring: %m", u->cgroup_path); + } } static int lookup_block_device(const char *p, dev_t *ret) { -- 2.39.2