.TP
.B -f, --fperm=mode
-sets the default permissions of the control groups and tasks files.
+sets the default permissions of the control group files.
+The permissions needs to be specified as octal numbers e.g.
+\fB-f 775\fR.
+The value is not used as given because the current owner's
+permissions are used as an umask (so 777 will set group and
+others permissions to the owners permissions).
+
+.TP
+.B -s, --tperm=mode
+sets the default permissions of the control group tasks files.
The permissions needs to be specified as octal numbers e.g.
\fB-f 775\fR.
The value is not used as given because the current owner's
.TP
.B -f, --fperm mode
-sets the permissions of the control groups and tasks files.
+sets the permissions of the control groups parameters.
The permissions needs to be specified as octal numbers e.g.
\fB-f 775\fR.
The value is not used as given because the current owner's
.B -h, --help
display this help and exit
+.TP
+.B -s, --tperm mode
+sets the permissions of the control group tasks file.
+The permissions needs to be specified as octal numbers e.g.
+\fB-f 775\fR.
+The value is not used as given because the current owner's
+permissions are used as an umask (so 777 will set group and
+others permissions to the owners permissions).
+
.TP
.B -t <tuid>:<tgid>
defines the name of the user and the group, which owns tasks
" permissions\n");
printf(" -f, --fperm mode Default group file"\
" permissions\n");
+ printf(" -s --tperm mode Default tasks file"
+ " permissions\n");
printf(" -t <tuid>:<tgid> Default owner of the tasks "
"file");
exit(2);
{"admin", required_argument, NULL, 'a'},
{"dperm", required_argument, NULL, 'd'},
{"fperm", required_argument, NULL, 'f' },
+ {"tperm", required_argument, NULL, 's' },
{0, 0, 0, 0}
};
uid_t tuid = NO_UID_GID, auid = NO_UID_GID;
gid_t tgid = NO_UID_GID, agid = NO_UID_GID;
mode_t dir_mode = NO_PERMS;
mode_t file_mode = NO_PERMS;
+ mode_t tasks_mode = NO_PERMS;
int dirm_change = 0;
int filem_change = 0;
struct cgroup *default_group = NULL;
ret = cgroup_string_list_init(&cfg_files, argc/2);
- while ((c = getopt_long(argc, argv, "hl:L:t:a:d:f:", options,
+ while ((c = getopt_long(argc, argv, "hl:L:t:a:d:f:s:", options,
NULL)) > 0) {
switch (c) {
case 'h':
filem_change = 1;
ret = parse_mode(optarg, &file_mode, argv[0]);
break;
+ case 's':
+ filem_change = 1;
+ ret = parse_mode(optarg, &tasks_mode, argv[0]);
+ break;
default:
usage(argv[0]);
break;
if (dirm_change | filem_change) {
cgroup_set_permissions(default_group, dir_mode, file_mode,
- file_mode);
+ tasks_mode);
}
error = cgroup_config_set_default(default_group);
"group which should be added\n");
fprintf(stdout, " -h, --help Display "\
"this help\n");
+ fprintf(stdout, " -s --tperm mode Tasks "\
+ "file permissions\n");
fprintf(stdout, " -t <tuid>:<tgid> Set "\
"the task permission\n");
}
{"", required_argument, NULL, 'g'},
{"dperm", required_argument, NULL, 'd'},
{"fperm", required_argument, NULL, 'f' },
+ {"tperm", required_argument, NULL, 's' },
{0, 0, 0, 0},
};
/* permission variables */
mode_t dir_mode = NO_PERMS;
mode_t file_mode = NO_PERMS;
+ mode_t tasks_mode = NO_PERMS;
int dirm_change = 0;
int filem_change = 0;
}
/* parse arguments */
- while ((c = getopt_long(argc, argv, "a:t:g:hd:f:", long_opts, NULL))
+ while ((c = getopt_long(argc, argv, "a:t:g:hd:f:s:", long_opts, NULL))
> 0) {
switch (c) {
case 'h':
filem_change = 1;
ret = parse_mode(optarg, &file_mode, argv[0]);
break;
+ case 's':
+ filem_change = 1;
+ ret = parse_mode(optarg, &tasks_mode, argv[0]);
+ break;
default:
usage(1, argv[0]);
ret = -1;
}
/* all variables set so create cgroup */
- if (dirm_change + filem_change > 0)
+ if (dirm_change | filem_change)
cgroup_set_permissions(cgroup, dir_mode, file_mode,
- file_mode);
+ tasks_mode);
ret = cgroup_create_cgroup(cgroup, 0);
if (ret) {
fprintf(stderr, "%s: "
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/www" 757 nobody nobody
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/www/cpu.shares" 646 nobody nobody
-check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/www/tasks" 646 nobody nobody
+check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/www/tasks" 644 nobody nobody
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/ftp" 742 root root
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/ftp/cpu.shares" 426 root root
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/www" 2757 nobody nobody
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/www/cpu.shares" 7646 nobody nobody
-check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/www/tasks" 7646 nobody nobody
+check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/www/tasks" 644 nobody nobody
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/ftp" 742 root root
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/ftp/cpu.shares" 426 root root
$TOOLSDIR/cgclear || die "cgclear failed"
+# STEP8: config file without default section, but with -f, -d and -t
+$TOOLSDIR/cgconfigparser -l `prepare_config $CONFDIR/permissions_default4.conf` -t nobody:nobody -a nobody:nobody -d 757 -f 757 -s 7247 || \
+ die "STEP8: cgconfigparser -l $CONFDIR/permissions_default4.conf failed"
+
+check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/www" 757 nobody nobody
+check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/www/cpu.shares" 646 nobody nobody
+check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/www/tasks" 7246 nobody nobody
+
+check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/ftp" 742 root root
+check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/ftp/cpu.shares" 426 root root
+check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/ftp/tasks" 264 root root
+
+check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/ssh" 757 root nobody
+check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/ssh/cpu.shares" 426 root nobody
+check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/ssh/tasks" 264 root nobody
+
+$TOOLSDIR/cgclear || die "cgclear failed"
+
cleanup
exit 0
projects / thirdparty / libcgroup.git / commitdiff
