cgmanager: have root escape to root cgroup before starting

If a user in cgroup /a/b/c does 'lxc-start -n u1', then u1
should be started under /a/b/c/u1.  However if he does
'sudo lxc-start -n u1', then that cgroup shoudl start under
/lxc/u1.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>

diff --git a/src/lxc/cgmanager.c b/src/lxc/cgmanager.c
index 60f9cbe986d56554c85d3a8056643f4634fcb96d..29a0b58fee2d8334008244c3a44b5e70b47bf394 100644 (file)
--- a/src/lxc/cgmanager.c
+++ b/src/lxc/cgmanager.c
@@ -171,6 +171,25 @@ static bool lxc_cgmanager_create(const char *controller, const char *cgroup_path
        return true;
 }
 
+static bool lxc_cgmanager_escape(void)
+{
+       pid_t me = getpid();
+       int i;
+       for (i = 0; i < nr_subsystems; i++) {
+               if (cgmanager_move_pid_abs_sync(NULL, cgroup_manager,
+                                       subsystems[i], "/", me) != 0) {
+                       NihError *nerr;
+                       nerr = nih_error_get();
+                       ERROR("call to cgmanager_move_pid_abs_sync(%s) failed: %s",
+                                       subsystems[i], nerr->message);
+                       nih_free(nerr);
+                       return false;
+               }
+       }
+
+       return true;
+}
+
 struct chown_data {
        const char *controller;
        const char *cgroup_path;
@@ -589,7 +608,12 @@ out_free:
 
 static inline bool cgm_init(struct lxc_handler *handler)
 {
-       return collect_subsytems();
+       if (!collect_subsytems())
+               return false;
+       if (geteuid())
+               return true;
+       // root;  try to escape to root cgroup
+       return lxc_cgmanager_escape();
 }
 
 static bool cgm_unfreeze_fromhandler(struct lxc_handler *handler)