Make --sticky option effective when setuid(2) and setgid(2)

A cgrulesengd daemon did not check whether a stickied process or when
setuid(2)/setgid(2) happens, and the daemon moved the process based on
/etc/cgrules.conf.
So --sticky option was not effective when setuid(2)/setgid(2).

This patch makes --sticky effective when setuid(2) and setgid(2) also.

Signed-off-by: Ken'ichi Ohmichi <oomichi@mxs.nes.nec.co.jp>
Signed-off-by: Dhaval Giani <dhaval.giani@gmail.com>

diff --git a/src/daemon/cgrulesengd.c b/src/daemon/cgrulesengd.c
index 69165bfee4004afa2663fc42302e9b5e40e58071..a2f9549e3e3996d552322769fa6629c9c760ed8f 100644 (file)
--- a/src/daemon/cgrulesengd.c
+++ b/src/daemon/cgrulesengd.c
@@ -339,6 +339,12 @@ int cgre_process_event(const struct proc_event *ev, const int type)
        switch (type) {
        case PROC_EVENT_UID:
        case PROC_EVENT_GID:
+               /*
+                * If the unchanged process, the daemon should not change the
+                * cgroup of the process.
+                */
+               if (cgre_is_unchanged_process(ev->event_data.id.process_pid))
+                       return 0;
                pid = ev->event_data.id.process_pid;
                break;
        case PROC_EVENT_FORK: