chmod container cgroup 775

so that container root can create sub-cgroups

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

diff --git a/src/lxc/cgfsng.c b/src/lxc/cgfsng.c
index 221e7d5ab58e1ec68b51e11d28eeb8cfccb17395..b4519b2b0bac3c8fe155f8085b552c326af93cfe 100644 (file)
--- a/src/lxc/cgfsng.c
+++ b/src/lxc/cgfsng.c
@@ -1014,6 +1014,11 @@ struct chown_data {
        uid_t origuid; // target uid in parent namespace
 };
 
+/*
+ * chgrp the container cgroups to container group.  We leave
+ * the container owner as cgroup owner.  So we must make the
+ * directories 775 so that the container can create sub-cgroups.
+ */
 static int chown_cgroup_wrapper(void *data)
 {
        struct chown_data *arg = data;
@@ -1037,7 +1042,12 @@ static int chown_cgroup_wrapper(void *data)
                        free(fullpath);
                        return -1;
                }
-               // TODO - do we need to chown tasks and cgroup.procs too?
+
+               if (chmod(fullpath, 0775) < 0) {
+                       SYSERROR("Error chmoding %s\n", fullpath);
+                       free(fullpath);
+                       return -1;
+               }
 
                free(fullpath);
        }