cg_build_path: use max FILENAME_MAX characters for array in 2nd parameter
The function cg_build_path is internal now. All calls of it (there is one
exception - cgroup_fill_cgc function which uses FILENAME_MAX+1, fixed now too)
have the limited second parameter buffer to FILENAME_MAX.
cg_build_path copy to this buffer, but thhere was no limitation of the size of coppied buffer.
This is fixed in the patch.
Signed-off-by: Ivana Hutarova Varekova <varekova@redhat.com> Signed-off-by: Jan Safranek <jsafrane@redhat.com>
Jan Safranek [Wed, 1 Jun 2011 09:10:51 +0000 (11:10 +0200)]
Fixed cg_chmod_recursive
The function changes permissions only in the first hierarchy, but it should
change it in all of them.
Reproducer:
1) have cpuacct and freezer mounted separately, i.e.:
$ lssubsys -m
cpuacct /sys/fs/cgroup/cpuacct
freezer /sys/fs/cgroup/freezer
2) create a group with specific permissions:
$ cgcreate -f 700 -g freezer,cpuacct:/test
Result:
$ ls -la /sys/fs/cgroup/freezer/test/
-rwx------. 1 jsafrane jsafrane 0 May 31 09:16 cgroup.clone_children
-rwx------. 1 jsafrane jsafrane 0 May 31 09:16 cgroup.event_control
(-> first controller is fine)
$ ls -la /sys/fs/cgroup/cpuacct/test/
-rw-r--r--. 1 jsafrane jsafrane 0 May 31 09:16 cgroup.clone_children
--w--w--w-. 1 jsafrane jsafrane 0 May 31 09:16 cgroup.event_control
(-> second controller is wrong, it should be -rwx------)
Changelog:
- v2: fixed return code of cg_chmod_recursive_controller when fts_read fails
- v3: fixed error code when malloc fails
Signed-off-by: Jan Safranek <jsafrane@redhat.com> Acked-By: Ivana Hutarova Varekova<varekova@redhat.com>
Dhaval Giani [Fri, 27 May 2011 06:36:19 +0000 (08:36 +0200)]
cgconfig: Do not touch subsystems not mounted by cgconfig
cgconfig: Do not touch subsystems not mounted by cgconfig
In its failure path, cgconfig should only touch the subsystems
it had something to do with. Currently, it unmounts all the
subsystems in the config file. Correct this.
Signed-off-by: Dhaval Giani <dhaval.giani@gmail.com> Signed-off-by: Jan Safranek <jsafrane@redhat.com> Acked-By: Ivana Hutarova Varekova <varekova@redhat.com>
Jan Safranek [Fri, 20 May 2011 13:52:58 +0000 (15:52 +0200)]
Fixed cgconfigparser to allow configs with no 'mount' section
cgconfig service fails when something else mounts cgroup hierarchies during
boot (e.g. systemd). Therefore we should allow cgconfig.conf to have no
'mount' section -> it's up to admin to ensure that controllers are mounted as
needed.
Because 'group' section is already optional, with this patch cgconfigparser
will accept empty configuration file. This is probably the best default
config for distros with systemd.
Changelog:
- fixed case with empty config file and no mounted controllers
- reworked the if conditions to be more clear
pathtest(.sh) is ot run in the current makefile and it does not work
properly, so there is no reason to add it there. This path removes
pathtest from git.
Signed-off-by: Ivana Hutarova Varekova <varekova@redhat.com> Signed-off-by: Jan Safranek <jsafrane@redhat.com>
new version:
$ cgget -h
Usage: cgget [-nv] [-r <name>] [-g <controller>] [-a] <path> ...
or: cgget [-nv] [-r <name>] -g <controller>:<path> ...
Print parameter(s) of given group(s).
-a, --all Print info about all relevant controllers
-g <controller> Controller which info should be displaied
-g <controller>:<path> Control group whih info should be displaied
-h, --help Display this help
-n Do not print headers
-r, --variable <name> Define parameter to display
-v, --values-only Print only values, not parameter names
Signed-off-by: Ivana Hutarova Varekova <varekova@redhat.com> Signed-off-by: Jan Safranek <jsafrane@redhat.com>
cgget: add the possibility to use -g <controllers>:<path>
Most of the tools use <controllers>:<path> together with -g option,
this patch adds this version of usage of -g option to cgget tool
Older have the possibility to use -g in form -g <controller> <path>.
fix several problems in lssubsys output
* not consistent output with and without -i option
* without this option lssubsys ignore multiple hierarchies on one mount
point
* lssubsys -i without -a does not show the hierarchy number
Jan Safranek [Wed, 6 Apr 2011 06:37:52 +0000 (08:37 +0200)]
Added tests for herarcheis mounted several times.
Two new tests:
- Test cgsnapshot, cgconfigparser and lssubsys with hierarchies mounted
several times.
- Test all the above with *named* hierarchies mounted several times +
also with named hierarchy with ordinary controllers.
Signed-off-by: Jan Safranek <jsafrane@redhat.com> Acked-by: Ivana Hutarova Varekova<varekova@redhat.com>
Jan Safranek [Wed, 6 Apr 2011 06:37:45 +0000 (08:37 +0200)]
Added support for named hierarchies to cgconfigparser.
Add the missing parts to make cgconfigparser able to mount named
hierarchies. It must add 'none' option to mount opts for mount without real
controller and with 'name=xxx' only, the rest (surprisingly) works out of the
box, only quoting needs special care.
Following cgconfig.conf is usable with the patch:
mount {
"name=test" = /cgroup/test;
"name=testwithcpu" = /cgroup/cpu;
cpu = /cgroup/cpu;
}
group foo {
"name=test" { }
"name=testwithcpu" { }
cpu { cpu.shares = 1024; }
}
Jan Safranek [Wed, 6 Apr 2011 06:37:38 +0000 (08:37 +0200)]
Enhanced cgsnapshot to print named hierarchies.
cgsnapshot should show named hierarchies in 'mount' section. It already shows
their groups in 'group' sections and the output should be consistent.
And take care of quotes in the output, '=' is not valid character in controller
name unless it is in double quotes.
Example:
$ mount -t cgroup -o none,name=hello none /cgroup/named
$ mount -t cgroup -o cpuacct,name=cputest none /cgroup/cpuacct
$ cgsnapshot
Jan Safranek [Wed, 6 Apr 2011 06:37:25 +0000 (08:37 +0200)]
Added -M option to lssubsys to show multiple mount points of hierarchies.
Now libcgroup is aware of hierarchies and all its mount points, let's
extend lssubsys to show them. The patch also renames few variables to be
descriptive, 'name' is not name of controller, it's list of controllers.
Now (and also with the patch, '-m' works the same):
$ lssubsys -m
cpuset,cpuacct /cgroup/cpu
memory /cgroup/memory
With the patch:
$ lssubsys -M
cpuset,cpuacct /cgroup/cpu
cpuset,cpuacct /cgroup/cpu2
memory /cgroup/memory
Signed-off-by: Jan Safranek <jsafrane@redhat.com> Acked-by: Ivana Hutarova Varekova<varekova@redhat.com>
Jan Safranek [Wed, 6 Apr 2011 06:37:11 +0000 (08:37 +0200)]
Added iterators to go through all mount points of a hierarchy.
Add new iterators, which return all mount points of given hierarchy. The order
of the mount points is the same as in /proc/mounts, The first returned mount
point is the same as cgroup_get_subsys_mount_point().
Signed-off-by: Jan Safranek <jsafrane@redhat.com> Acked-by: Ivana Hutarova Varekova<varekova@redhat.com>
Jan Safranek [Wed, 6 Apr 2011 06:37:04 +0000 (08:37 +0200)]
Fixed libcgroup to be aware of hierarchies mounted multiple times.
Current libcgroup design handles each hierarchy only once. If a hierarchy
is mounted twice or more times, only the first mount point is taken into
account and the others are 'invisible' to libcgroup.
This causes cgsnapshot and lssubsys to show only one mount point for a
hierarchy and especially in case of cgsnapshot it's not what user expects.
The patch below adds a list of all mount points to cg_mount_table_s structure.
Signed-off-by: Jan Safranek <jsafrane@redhat.com> Acked-by: Ivana Hutarova Varekova<varekova@redhat.com>
Jan Safranek [Wed, 6 Apr 2011 06:36:58 +0000 (08:36 +0200)]
Fixed parsing of mount options
hasmntopt() returns start of the matching string, i.e. when looking for
'cpuacct' option it can return 'cpuacct,cpuset' if these two are mounted
together. So, don't use result of this function, use internal table of
controllers instead when checking for duplicates.
Signed-off-by: Jan Safranek <jsafrane@redhat.com> Acked-by: Ivana Hutarova Varekova<varekova@redhat.com>
Jan Safranek [Tue, 5 Apr 2011 06:22:32 +0000 (08:22 +0200)]
Fixed cgrules.conf restore in testenv.sh
The testenv.sh backs up and restores /etc/cgrules.conf. But when there is
no /etc/cgrules.conf when the test starts, the file is not removed when the
test ends.
Changelog:
- redirected 'rm' output to /dev/null
Signed-off-by: Jan Safranek <jsafrane@redhat.com> Acked-by: Ivana Hutarova Varekova<varekova@redhat.com>
Jan Safranek [Tue, 5 Apr 2011 06:22:07 +0000 (08:22 +0200)]
Added tests for cgclassify tool
Various tests for cgclassify tool, including error cases and testing with
/etc/cgrules.conf. The tests will produce error messages to output, but it's
expected, reaction of cgclassify to wrong input is being tested as well.
Changelog: nothing since v1
Signed-off-by: Jan Safranek <jsafrane@redhat.com> Acked-by: Ivana Hutarova Varekova<varekova@redhat.com>
Jan Safranek [Fri, 4 Mar 2011 11:22:31 +0000 (12:22 +0100)]
Fix configure --enable-debug
I've noticed that the debugging info is compiled in even if --disable-debug
is provided. Following patch adds explicit check that --enable-debug or
--enable-debug=yes is provided to configure script.
This script tests the examples 1-4 from cgconfig.conf man pages - for each one tests whether the configuration which is created using described configuration file is identical with the example described below
changelog:
* variables renamed
* added conf files to Makefile.am
Signed-off-by: Ivana Hutarova Varekova <varekova@redhat.com> Signed-off-by: Jan Safranek <jsafrane@redhat.com>
changelog:
* test moved to separate subdirectory tools
changelog v2:
* set the directory in makefile
* add CONFIGDIR variable
This patch create general functions and variables (made by Jan Safranek):
functions:
die:
# Print an error message and exit
# Usage:
# cgclear || die "cgclear failed"
cleanup()
# Clear everything that was created at loading this script, i.e.
# remove the temporary directory
# Usage:
# cleanup
prepare_config
# Copies a file to $TMP and replaces all occurrences of TMP in the file with
# value of $TMP. The function prints the name of the new file to its std.
# output.
#
# Usage:
# cgconfigparser -l `prepare_config config/sample.conf`
Jan Safranek [Fri, 4 Mar 2011 11:06:37 +0000 (12:06 +0100)]
Fix cgclear to continue unmounting on error
Currently when the cgclear stumbles upon a mount point which cannot be
removed it exits immediatelly. IMHO it should continue clearing the rest
and unmount as much as possible.
Signed-off-by: Jan Safranek <jsafrane@redhat.com> Acked-by: Dhaval Giani <dhaval.giani@gmail.com>
Jiri Slaby [Mon, 28 Feb 2011 16:39:59 +0000 (17:39 +0100)]
configure.in: fix autoconf error
Autoconf expects an email in AC_INIT, otherwise it screams:
configure.in:18: warning: AC_INIT: not a literal: http://sourceforge.net/tracker/?group_id=218421&atid=1043649
Remove the URL, "/" and "&" are not allowed there.
Signed-off-by: Jiri Slaby <jslaby@suse.cz> Signed-off-by: Jan Safranek <jsafrane@redhat.com>
Jiri Slaby [Mon, 28 Feb 2011 16:39:58 +0000 (17:39 +0100)]
scripts/init.d: little cleanup cgred.in
Merge most of suse changes into these scripts to lower the maintanance
burden for us:
* define lockfile and use all over the code
* RETVAL should be used only in the big switch
* use quotes in some places
Signed-off-by: Jiri Slaby <jslaby@suse.cz> Signed-off-by: Jan Safranek <jsafrane@redhat.com>
Nelson Elhage [Fri, 18 Feb 2011 01:55:12 +0000 (20:55 -0500)]
cgrulesengd: Ignore netlink messages that don't come from the kernel.
recvfrom() returns the address, it doesn't filter the packet based on the
sender. We need to explicitly check the received address after the call happens.
Signed-off-by: Nelson Elhage <nelhage@ksplice.com> Signed-off-by: Jan Safranek <jsafrane@redhat.com>
Ken'ichi Ohmichi [Thu, 10 Feb 2011 04:41:58 +0000 (13:41 +0900)]
Make --sticky option effective when setuid(2) and setgid(2)
A cgrulesengd daemon did not check whether a stickied process or when
setuid(2)/setgid(2) happens, and the daemon moved the process based on
/etc/cgrules.conf.
So --sticky option was not effective when setuid(2)/setgid(2).
This patch makes --sticky effective when setuid(2) and setgid(2) also.
Balbir Singh [Sun, 2 Jan 2011 10:03:32 +0000 (15:33 +0530)]
Add bindings for python
The added bindings depend on swig and hence are disabled by
default. If you know what you are doing, enable the bindings
for python. To test the bindings, ensure _libcgroup.so
is copied in the same directory as libcgroup.py. There after
libcgroup API's can be invoked from python.
Please use --enable-bindings after installing swig to compile
with the changes
Jiri Slaby [Tue, 4 Jan 2011 16:56:40 +0000 (17:56 +0100)]
[PATCH 3/3] config: fix segfault in cgconfigparser
We now get:
Program received signal SIGSEGV, Segmentation fault.
cgroup_add_controller (cgroup=0x7ffff7f86010, name=0x606300 "cpuacct") at wrapper.c:70
70 cgroup->controller[cgroup->index] = controller;
(gdb) where
0 cgroup_add_controller (cgroup=0x7ffff7f86010, name=0x606300 "cpuacct") at wrapper.c:70
1 0x00007ffff79806d4 in cgroup_config_parse_controller_options (controller=0x606300 "cpuacct", values=0x6085b0)
at config.c:135
2 0x00007ffff79793ec in yyparse () at parse.y:97
3 0x00007ffff7980ee1 in cgroup_config_load_config (pathname=<value optimized out>) at config.c:667
4 0x00000000004009f4 in main (argc=3, argv=0x7fffffffdf08) at cgconfig.c:67
It's because cgroup structure is unitialized. Especially its member
index is not and later we access cgroup->controller[cgroup->index]
with cgroup->index negative and kaboom, we explode.
Jiri Slaby [Tue, 4 Jan 2011 16:56:39 +0000 (17:56 +0100)]
[PATCH 2/3] cgsnapshot: fix strn* lengths
The 'n' parameter in strncat stands for how much to copy from src, not
what's dest overall space. So we need to subtract full strlen we have
constructed so far.
Also fix one strncpy where we may pass too much as well as in strncpy.
When one passes no input to the parser, it spits out:
Cannot have mount and namespace keyword in the same configuration file
It's wrong, because we have none of them. So change it to:
Either mount or namespace keyword has to be specified in the configuration file
cgred.in: fix return value start()/stop() function's
Now cgred script can't return proper value. Because
stop()/start() functions return result of if [] when failing,
and result of wrong commands when succeeding.
So fix this.
Signed-off-by: Masaki Tachibana <tachibana@mxm.nes.nec.co.jp> Signed-off-by: Jan Safranek <jsafrane@redhat.com>
Ciju Rajan K [Wed, 15 Dec 2010 11:19:23 +0000 (16:49 +0530)]
When we invoke cgroup_get_cgroup() to get the cgroup meta data, the
admin_id and admin_gid are not displayed correctly. This is because
cgroup_fill_cgc() does not differentiate between the cgroup control
files and tasks file. So cgroup->control_uid and cgroup->control_gid
fields are getting populated with the uid and gid of tasks file.
This patch fixes this problem by adding a check in the cgroup_fill_cgc()
function to see if the file is a 'tasks' file or not.
Changes from v1.0:
* Instead of using strstr() using pointer arithmetic to get the last six
characters of the entire path
* Fixed the problem of dealing *tasks* string as part of directory names
Signed-off-by: Ciju Rajan K <ciju@linux.vnet.ibm.com> Acked-by: Dhaval Giani <dhaval.giani@gmail.com> Signed-off-by: Balbir Singh <balbir@linux.vnet.ibm.com>
Jan Safranek [Thu, 2 Dec 2010 14:00:40 +0000 (15:00 +0100)]
if a hierarchy with more controllers is parsed before hierarchy with less
controllers as the last two hierarchies, then the output of cgsnapshot is
broken - test is missing
Signed-off-by: Ivana Hutarova Varekova <varekova@redhat.com> Acked-by: Jan Safranek <jsafrane@redhat.com> Signed-off-by: Jan Safranek <jsafrane@redhat.com>
Jan Safranek [Thu, 2 Dec 2010 14:00:40 +0000 (15:00 +0100)]
There is a bug which causes the initialised configuration will
be bogus or does not work at all and majority of tools does not work well.
The situation happens when multiple mount points are mounted for one hierarchy and the hierarchy
have multiple controllers:
Signed-off-by: Ivana Hutarova Varekova <varekova@redhat.com> Acked-by: Jan Safranek <jsafrane@redhat.com> Signed-off-by: Jan Safranek <jsafrane@redhat.com>
Jan Safranek [Thu, 2 Dec 2010 14:00:40 +0000 (15:00 +0100)]
there is no sense to read the data for cgroup which was not found
Signed-off-by: Ivana Hutarova Varekova <varekova@redhat.com> Acked-by: Jan Safranek <jsafrane@redhat.com> Signed-off-by: Jan Safranek <jsafrane@redhat.com>
Jan Safranek [Thu, 2 Dec 2010 14:00:40 +0000 (15:00 +0100)]
There is a bogus test in cgroup_get_parent_name
which returns error in situation when 0 should be return.
This causes problem e.g. when a hierarchy is mounted to two
mount points.
CHANGELOG:
- the test is not removed but moved to the else part
EXAMPLE:
$ cat aux.conf
mount {
cpu = /cgroup/cpu;
cpuacct = /cgroup/cpu;
memory = /cgroup/memory;
}
group hXAjiy/wWRq {
cpu {}
memory {}
}
$ mkdir /mnt/cgroups/cpu 2>/dev/null
$ mount -t cgroup -o cpu,cpuacct cpu /mnt/cgroups/cpu
$ time cgconfigparser -l aux.conf
$ cgclear
$ cat /proc/cgroups
Dhaval Giani [Tue, 16 Nov 2010 13:29:49 +0000 (14:29 +0100)]
v2 [patch 4/6] api: Use a new counter in an inner loop
The same counter is reused in an inner loop in cg_prepare_cgroup.
This is perfectly fine simply because we never exit the inner
loop to the outer loop. The only way out of the inner loop leads
to a return statement, during which there is no mention of the
outer counter.
However, this is ugly code, and hard to read and may lead to bugs
if some decides to refactor the code. So clean it all up using a
different counter.
Thanks to Steve Grubb for raising this issue at
http://article.gmane.org/gmane.comp.lib.libcg.devel/2485
Reported-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Dhaval Giani <dhaval.giani@gmail.com> Acked-By: Jan Safranek <jsafrane@redhat.com>
Dhaval Giani [Tue, 16 Nov 2010 13:29:48 +0000 (14:29 +0100)]
v2 [patch 3/6] libcgroup: Fix up memory leak in cgroup_basename
We were not freeing up tmp_string if the strdup for basename failed.
Since we anyway need to free up tmp_string and return NULL if the
strdup failed, we don't really care about testing the return value
of the strdup, and therefore this check is not needed. Remove this
check then.
Thanks to Steve Grubb's review at
http://article.gmane.org/gmane.comp.lib.libcg.devel/2485
Reported-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Dhaval Giani <dhaval.giani@gmail.com> Acked-By: Jan Safranek <jsafrane@redhat.com>
Dhaval Giani [Tue, 16 Nov 2010 13:29:47 +0000 (14:29 +0100)]
v2 [patch 2/6] wrapper.c: correct the return types
Steve Grubb was kind enough to do a review at
http://article.gmane.org/gmane.comp.lib.libcg.devel/2485
and pointed out that we were checking for unsigned values to be
negative. That is of course wrong, and we need to actually be
checking integers. Correct the return type so that the check
is valid once more.
Reported-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Dhaval Giani <dhaval.giani@gmail.com> Acked-By: Jan Safranek <jsafrane@redhat.com>
Dhaval Giani [Tue, 16 Nov 2010 13:29:46 +0000 (14:29 +0100)]
v2 [patch 1/6] wrapper.c: Fix memory leaks
Steve Grubb was kind enough to do a code review at
http://article.gmane.org/gmane.comp.lib.libcg.devel/2485
and spotted a few memory leaks. Take care of them!
Reported-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Dhaval Giani <dhaval.giani@gmail.com> Acked-By: Jan Safranek <jsafrane@redhat.com>
projects / thirdparty / libcgroup.git / log
