From: Serge Hallyn Date: Mon, 7 Mar 2016 20:20:14 +0000 (-0800) Subject: cgfsng: try to chown tasks and cgroup.procs X-Git-Tag: lxc-2.0.0.rc6~1^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F875%2Fhead;p=thirdparty%2Flxc.git cgfsng: try to chown tasks and cgroup.procs Signed-off-by: Serge Hallyn --- diff --git a/src/lxc/cgfsng.c b/src/lxc/cgfsng.c index f5e349e62..aaa03b534 100644 --- a/src/lxc/cgfsng.c +++ b/src/lxc/cgfsng.c @@ -1028,6 +1028,9 @@ struct chown_data { * chgrp the container cgroups to container group. We leave * the container owner as cgroup owner. So we must make the * directories 775 so that the container can create sub-cgroups. + * + * Also chown the tasks and cgroup.procs files. Those may not + * exist depending on kernel version. */ static int chown_cgroup_wrapper(void *data) { @@ -1046,19 +1049,27 @@ static int chown_cgroup_wrapper(void *data) destuid = get_ns_uid(arg->origuid); for (i = 0; d->hierarchies[i]; i++) { - char *fullpath = must_make_path(d->hierarchies[i]->fullcgpath, NULL); - if (chown(fullpath, destuid, 0) < 0) { - SYSERROR("Error chowning %s", fullpath); - free(fullpath); + char *fullpath, *path = d->hierarchies[i]->fullcgpath; + + if (chown(path, destuid, 0) < 0) { + SYSERROR("Error chowning %s to %d: %m", path, (int) destuid); return -1; } - if (chmod(fullpath, 0775) < 0) { - SYSERROR("Error chmoding %s\n", fullpath); - free(fullpath); + if (chmod(path, 0775) < 0) { + SYSERROR("Error chmoding %s: %m", path); return -1; } + /* Failures to chown these are inconvenient but not detrimental */ + fullpath = must_make_path(path, "tasks", NULL); + if (chown(fullpath, destuid, 0) < 0 && errno != ENOENT) + WARN("Failed chowning %s to %d: %m", fullpath, (int) destuid); + free(fullpath); + + fullpath = must_make_path(path, "cgroup.procs", NULL); + if (chown(fullpath, destuid, 0) < 0 && errno != ENOENT) + WARN("Failed chowning %s to %d: %m", fullpath, (int) destuid); free(fullpath); }