Remove non-functional code for setting up non-root cgroups

The virCgroupNewDriver method had a 'bool privileged' param.
If a false value was ever passed in, it would simply not
work, since non-root users don't have any privileges to create
new cgroups. Just delete this broken code entirely and make
the QEMU driver skip cgroup setup in non-privileged mode

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c
index 8f19057accbcb8df926f7b73c6d4fb73ab31f4b7..0a43b61e7d615dfc63e62b283b542df5fb4276d1 100644 (file)
--- a/src/lxc/lxc_cgroup.c
+++ b/src/lxc/lxc_cgroup.c
@@ -580,7 +580,6 @@ virCgroupPtr virLXCCgroupCreate(virDomainDefPtr def, bool startup)
         }
     } else {
         rc = virCgroupNewDriver("lxc",
-                                true,
                                 true,
                                 -1,
                                 &parent);

diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c
index 0098d77ed719a5a369041403c83a97f736786ce5..9a7bffbe2fe4067b334efdc3e934622695241da0 100644 (file)
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -223,6 +223,9 @@ int qemuInitCgroup(virQEMUDriverPtr driver,
     virCgroupPtr parent = NULL;
     virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
 
+    if (!cfg->privileged)
+        goto done;
+
     virCgroupFree(&priv->cgroup);
 
     if (!vm->def->resource && startup) {
@@ -283,7 +286,6 @@ int qemuInitCgroup(virQEMUDriverPtr driver,
         }
     } else {
         rc = virCgroupNewDriver("qemu",
-                                cfg->privileged,
                                 true,
                                 cfg->cgroupControllers,
                                 &parent);

diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c
index 470b8a17b3c913c100660ca9abd624dc956bcf84..9a4ab67f6f51fb5b0b341aad63706996562ff51d 100644 (file)
--- a/src/util/vircgroup.c
+++ b/src/util/vircgroup.c
@@ -795,8 +795,7 @@ err:
     return rc;
 }
 
-static int virCgroupAppRoot(bool privileged,
-                            virCgroupPtr *group,
+static int virCgroupAppRoot(virCgroupPtr *group,
                             bool create,
                             int controllers)
 {
@@ -808,26 +807,7 @@ static int virCgroupAppRoot(bool privileged,
     if (rc != 0)
         return rc;
 
-    if (privileged) {
-        rc = virCgroupNew("libvirt", selfgrp, controllers, group);
-    } else {
-        char *rootname;
-        char *username;
-        username = virGetUserName(getuid());
-        if (!username) {
-            rc = -ENOMEM;
-            goto cleanup;
-        }
-        rc = virAsprintf(&rootname, "libvirt-%s", username);
-        VIR_FREE(username);
-        if (rc < 0) {
-            rc = -ENOMEM;
-            goto cleanup;
-        }
-
-        rc = virCgroupNew(rootname, selfgrp, controllers, group);
-        VIR_FREE(rootname);
-    }
+    rc = virCgroupNew("libvirt", selfgrp, controllers, group);
     if (rc != 0)
         goto cleanup;
 
@@ -1137,7 +1117,6 @@ int virCgroupNewPartition(const char *path ATTRIBUTE_UNUSED,
  */
 #if defined HAVE_MNTENT_H && defined HAVE_GETMNTENT_R
 int virCgroupNewDriver(const char *name,
-                       bool privileged,
                        bool create,
                        int controllers,
                        virCgroupPtr *group)
@@ -1145,7 +1124,7 @@ int virCgroupNewDriver(const char *name,
     int rc;
     virCgroupPtr rootgrp = NULL;
 
-    rc = virCgroupAppRoot(privileged, &rootgrp,
+    rc = virCgroupAppRoot(&rootgrp,
                           create, controllers);
     if (rc != 0)
         goto out;
@@ -1165,7 +1144,6 @@ out:
 }
 #else
 int virCgroupNewDriver(const char *name ATTRIBUTE_UNUSED,
-                       bool privileged ATTRIBUTE_UNUSED,
                        bool create ATTRIBUTE_UNUSED,
                        int controllers ATTRIBUTE_UNUSED,
                        virCgroupPtr *group ATTRIBUTE_UNUSED)

diff --git a/src/util/vircgroup.h b/src/util/vircgroup.h
index 33f86a610306b291067735f919b53d8868312751..936e09b73ebb8a9cd90fcbb25cee8055d5e6bcbf 100644 (file)
--- a/src/util/vircgroup.h
+++ b/src/util/vircgroup.h
@@ -51,7 +51,6 @@ int virCgroupNewPartition(const char *path,
     ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);
 
 int virCgroupNewDriver(const char *name,
-                       bool privileged,
                        bool create,
                        int controllers,
                        virCgroupPtr *group)

diff --git a/tests/vircgrouptest.c b/tests/vircgrouptest.c
index c70441bf83ddcae6c79655eb8445839027782f97..8556bfc8cb6e64381417c99bfdc908be8589ddc1 100644 (file)
--- a/tests/vircgrouptest.c
+++ b/tests/vircgrouptest.c
@@ -140,13 +140,13 @@ static int testCgroupNewForDriver(const void *args ATTRIBUTE_UNUSED)
         [VIR_CGROUP_CONTROLLER_BLKIO] = "/libvirt/lxc",
     };
 
-    if ((rv = virCgroupNewDriver("lxc", true, false, -1, &cgroup)) != -ENOENT) {
+    if ((rv = virCgroupNewDriver("lxc", false, -1, &cgroup)) != -ENOENT) {
         fprintf(stderr, "Unexpected found LXC cgroup: %d\n", -rv);
         goto cleanup;
     }
 
     /* Asking for impossible combination since CPU is co-mounted */
-    if ((rv = virCgroupNewDriver("lxc", true, true,
+    if ((rv = virCgroupNewDriver("lxc", true,
                                  (1 << VIR_CGROUP_CONTROLLER_CPU),
                                  &cgroup)) != -EINVAL) {
         fprintf(stderr, "Should not have created LXC cgroup: %d\n", -rv);
@@ -154,7 +154,7 @@ static int testCgroupNewForDriver(const void *args ATTRIBUTE_UNUSED)
     }
 
     /* Asking for impossible combination since devices is not mounted */
-    if ((rv = virCgroupNewDriver("lxc", true, true,
+    if ((rv = virCgroupNewDriver("lxc", true,
                                  (1 << VIR_CGROUP_CONTROLLER_DEVICES),
                                  &cgroup)) != -ENOENT) {
         fprintf(stderr, "Should not have created LXC cgroup: %d\n", -rv);
@@ -162,7 +162,7 @@ static int testCgroupNewForDriver(const void *args ATTRIBUTE_UNUSED)
     }
 
     /* Asking for small combination since devices is not mounted */
-    if ((rv = virCgroupNewDriver("lxc", true, true,
+    if ((rv = virCgroupNewDriver("lxc", true,
                                  (1 << VIR_CGROUP_CONTROLLER_CPU) |
                                  (1 << VIR_CGROUP_CONTROLLER_CPUACCT) |
                                  (1 << VIR_CGROUP_CONTROLLER_MEMORY),
@@ -173,7 +173,7 @@ static int testCgroupNewForDriver(const void *args ATTRIBUTE_UNUSED)
     ret = validateCgroup(cgroup, "libvirt/lxc", mountsSmall, placementSmall);
     virCgroupFree(&cgroup);
 
-    if ((rv = virCgroupNewDriver("lxc", true, true, -1, &cgroup)) != 0) {
+    if ((rv = virCgroupNewDriver("lxc", true, -1, &cgroup)) != 0) {
         fprintf(stderr, "Cannot create LXC cgroup: %d\n", -rv);
         goto cleanup;
     }
@@ -201,7 +201,7 @@ static int testCgroupNewForDriverDomain(const void *args ATTRIBUTE_UNUSED)
         [VIR_CGROUP_CONTROLLER_BLKIO] = "/libvirt/lxc/wibble",
     };
 
-    if ((rv = virCgroupNewDriver("lxc", true, false, -1, &drivercgroup)) != 0) {
+    if ((rv = virCgroupNewDriver("lxc", false, -1, &drivercgroup)) != 0) {
         fprintf(stderr, "Cannot find LXC cgroup: %d\n", -rv);
         goto cleanup;
     }