From 43647298b687ca2e0cd43dcc2c972014231024fd Mon Sep 17 00:00:00 2001 From: Serge Hallyn Date: Mon, 7 Mar 2016 12:20:14 -0800 Subject: [PATCH] cgfsng: try to chown tasks and cgroup.procs Signed-off-by: Serge Hallyn --- src/lxc/cgfsng.c | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/src/lxc/cgfsng.c b/src/lxc/cgfsng.c index f5e349e62..aaa03b534 100644 --- a/src/lxc/cgfsng.c +++ b/src/lxc/cgfsng.c @@ -1028,6 +1028,9 @@ struct chown_data { * chgrp the container cgroups to container group. We leave * the container owner as cgroup owner. So we must make the * directories 775 so that the container can create sub-cgroups. + * + * Also chown the tasks and cgroup.procs files. Those may not + * exist depending on kernel version. */ static int chown_cgroup_wrapper(void *data) { @@ -1046,19 +1049,27 @@ static int chown_cgroup_wrapper(void *data) destuid = get_ns_uid(arg->origuid); for (i = 0; d->hierarchies[i]; i++) { - char *fullpath = must_make_path(d->hierarchies[i]->fullcgpath, NULL); - if (chown(fullpath, destuid, 0) < 0) { - SYSERROR("Error chowning %s", fullpath); - free(fullpath); + char *fullpath, *path = d->hierarchies[i]->fullcgpath; + + if (chown(path, destuid, 0) < 0) { + SYSERROR("Error chowning %s to %d: %m", path, (int) destuid); return -1; } - if (chmod(fullpath, 0775) < 0) { - SYSERROR("Error chmoding %s\n", fullpath); - free(fullpath); + if (chmod(path, 0775) < 0) { + SYSERROR("Error chmoding %s: %m", path); return -1; } + /* Failures to chown these are inconvenient but not detrimental */ + fullpath = must_make_path(path, "tasks", NULL); + if (chown(fullpath, destuid, 0) < 0 && errno != ENOENT) + WARN("Failed chowning %s to %d: %m", fullpath, (int) destuid); + free(fullpath); + + fullpath = must_make_path(path, "cgroup.procs", NULL); + if (chown(fullpath, destuid, 0) < 0 && errno != ENOENT) + WARN("Failed chowning %s to %d: %m", fullpath, (int) destuid); free(fullpath); } -- 2.47.2