summaryrefslogtreecommitdiff
path: root/pkg/cgroups/cgroups.go
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2019-08-14 11:21:26 +0200
committerGiuseppe Scrivano <gscrivan@redhat.com>2019-08-14 15:46:07 +0200
commit9873901469bd5a4e435132cbb65aa6bacf798c2a (patch)
tree1280b3cef25bdeb04f5d54bea2a5e38695074e49 /pkg/cgroups/cgroups.go
parenta734b53357a84d5156e2902113e72d9384f9515b (diff)
downloadpodman-9873901469bd5a4e435132cbb65aa6bacf798c2a.tar.gz
podman-9873901469bd5a4e435132cbb65aa6bacf798c2a.tar.bz2
podman-9873901469bd5a4e435132cbb65aa6bacf798c2a.zip
pkg/cgroups: use DBUS session when rootless
use the DBUS user session when running in rootless mode. Closes: https://github.com/containers/libpod/issues/3801 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'pkg/cgroups/cgroups.go')
-rw-r--r--pkg/cgroups/cgroups.go73
1 files changed, 69 insertions, 4 deletions
diff --git a/pkg/cgroups/cgroups.go b/pkg/cgroups/cgroups.go
index f2c6b548e..085718855 100644
--- a/pkg/cgroups/cgroups.go
+++ b/pkg/cgroups/cgroups.go
@@ -10,6 +10,8 @@ import (
"strconv"
"strings"
+ systemdDbus "github.com/coreos/go-systemd/dbus"
+ "github.com/godbus/dbus"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
@@ -352,7 +354,56 @@ func (c *CgroupControl) CreateSystemdUnit(path string) error {
if !c.systemd {
return fmt.Errorf("the cgroup controller is not using systemd")
}
- return systemdCreate(path)
+
+ conn, err := systemdDbus.New()
+ if err != nil {
+ return err
+ }
+ defer conn.Close()
+
+ return systemdCreate(path, conn)
+}
+
+// GetUserConnection returns an user connection to D-BUS
+func GetUserConnection(uid int) (*systemdDbus.Conn, error) {
+ return systemdDbus.NewConnection(func() (*dbus.Conn, error) {
+ return dbusAuthConnection(uid, dbus.SessionBusPrivate)
+ })
+}
+
+// CreateSystemdUserUnit creates the systemd cgroup for the specified user
+func (c *CgroupControl) CreateSystemdUserUnit(path string, uid int) error {
+ if !c.systemd {
+ return fmt.Errorf("the cgroup controller is not using systemd")
+ }
+
+ conn, err := GetUserConnection(uid)
+ if err != nil {
+ return err
+ }
+ defer conn.Close()
+
+ return systemdCreate(path, conn)
+}
+
+func dbusAuthConnection(uid int, createBus func(opts ...dbus.ConnOption) (*dbus.Conn, error)) (*dbus.Conn, error) {
+ conn, err := createBus()
+ if err != nil {
+ return nil, err
+ }
+
+ methods := []dbus.Auth{dbus.AuthExternal(strconv.Itoa(uid))}
+
+ err = conn.Auth(methods)
+ if err != nil {
+ conn.Close()
+ return nil, err
+ }
+ if err := conn.Hello(); err != nil {
+ return nil, err
+ }
+
+ return conn, nil
}
// Delete cleans a cgroup
@@ -386,10 +437,11 @@ func rmDirRecursively(path string) error {
return nil
}
-// DeleteByPath deletes the specified cgroup path
-func (c *CgroupControl) DeleteByPath(path string) error {
+// DeleteByPathConn deletes the specified cgroup path using the specified
+// dbus connection if needed.
+func (c *CgroupControl) DeleteByPathConn(path string, conn *systemdDbus.Conn) error {
if c.systemd {
- return systemdDestroy(path)
+ return systemdDestroyConn(path, conn)
}
if c.cgroup2 {
return rmDirRecursively(filepath.Join(cgroupRoot, c.path))
@@ -413,6 +465,19 @@ func (c *CgroupControl) DeleteByPath(path string) error {
return lastError
}
+// DeleteByPath deletes the specified cgroup path
+func (c *CgroupControl) DeleteByPath(path string) error {
+ if c.systemd {
+ conn, err := systemdDbus.New()
+ if err != nil {
+ return err
+ }
+ defer conn.Close()
+ return c.DeleteByPathConn(path, conn)
+ }
+ return c.DeleteByPathConn(path, nil)
+}
+
// Update updates the cgroups
func (c *CgroupControl) Update(resources *spec.LinuxResources) error {
for _, h := range handlers {