cgroups: premount cgroups on cgroup2-only systems

Fixes: #3183
Cc: Thomas Moschny <thomas.moschny@gmx.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
index 7dfdc4e2d5e9f6a68fa3e3349cccf042109386c8..892fd915bb72de34ba768776d63d3327fd2b11ef 100644 (file)
--- a/src/lxc/cgroups/cgfsng.c
+++ b/src/lxc/cgroups/cgfsng.c
@@ -1826,11 +1826,24 @@ __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops,
                wants_force_mount = true;
        }
 
-       if (!wants_force_mount){
+       if (!wants_force_mount) {
                if (!lxc_list_empty(&handler->conf->keepcaps))
                        wants_force_mount = !in_caplist(CAP_SYS_ADMIN, &handler->conf->keepcaps);
                else
                        wants_force_mount = in_caplist(CAP_SYS_ADMIN, &handler->conf->caps);
+
+               /*
+                * Most recent distro versions currently have init system that
+                * do support cgroup2 but do not mount it by default unless
+                * explicitly told so even if the host is cgroup2 only. That
+                * means they often will fail to boot. Fix this by pre-mounting
+                * cgroup2 by default. We will likely need to be doing this a
+                * few years until all distros have switched over to cgroup2 at
+                * which point we can safely assume that their init systems
+                * will mount it themselves.
+                */
+               if (pure_unified_layout(ops))
+                       wants_force_mount = true;
        }
 
        has_cgns = cgns_supported();