api.c: cache cgrules with CGFLAG_USECACHE flag

pam_cgroup.so plugin uses /etc/cgrules.conf to assign processes
to the requested cgroup.  This works well with active
cgrulesengd but in the instances where cgrulesengd is disabled,
the rules are not read and cached by default. Fix this is by
reloading and caching the rules when called with CGFLAG_USECACHE
flag.

Fixes: https://github.com/libcgroup/libcgroup/issues/84
Reported-by: Kent Overstreet <kent.overstreet@gmail.com>
Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
TJH: Minor commit comment changes
(cherry picked from commit 80a0bd4b8873df38060309e775d609dcc219531f)

diff --git a/src/api.c b/src/api.c
index 88ae1adb423afbad3be4c9c70b53da1703181352..1cadc73f4c98a8f8426fe6f86011a89a91b85062 100644 (file)
--- a/src/api.c
+++ b/src/api.c
@@ -3876,6 +3876,20 @@ int cgroup_change_cgroup_flags(uid_t uid, gid_t gid,
                goto finished;
        }
 
+       /*
+        * User had asked to find the matching rule (if one exist) in the
+        * cached rules  but the list might be empty due to the inactive
+        * cgrulesengd. Lets emulate its behaviour of caching the rules
+        * by reloading the rules from the configuration file.
+        */
+       if ((flags & CGFLAG_USECACHE) && (rl.head == NULL)) {
+               cgroup_warn("Warning: no cached rules found, trying to reload "
+                           " from %s.\n", CGRULES_CONF_FILE);
+               ret = cgroup_reload_cached_rules();
+               if (ret != 0)
+                       goto finished;
+       }
+
        /*
         * If the user did not ask for cached rules, we must parse the
         * configuration to find a matching rule (if one exists).  Else, we'll