summaryrefslogtreecommitdiff
path: root/pkg/cgroups/cgroups_unsupported.go
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2019-09-06 15:30:30 +0200
committerGiuseppe Scrivano <gscrivan@redhat.com>2019-09-12 08:35:26 +0200
commitafd0818326aa37f03a3bc74f0269a06a403db16d (patch)
tree8ebc91774297027f2c244b22a4428222d42fa3ad /pkg/cgroups/cgroups_unsupported.go
parentb94a5e241095a55a6838970148d296e109b2afd1 (diff)
downloadpodman-afd0818326aa37f03a3bc74f0269a06a403db16d.tar.gz
podman-afd0818326aa37f03a3bc74f0269a06a403db16d.tar.bz2
podman-afd0818326aa37f03a3bc74f0269a06a403db16d.zip
rootless: automatically create a systemd scope
when running in rootless mode and using systemd as cgroup manager create automatically a systemd scope when the user doesn't own the current cgroup. This solves a couple of issues: on cgroup v2 it is necessary that a process before it can moved to a different cgroup tree must be in a directory owned by the unprivileged user. This is not always true, e.g. when creating a session with su -l. Closes: https://github.com/containers/libpod/issues/3937 Also, for running systemd in a container it was before necessary to specify "systemd-run --scope --user podman ...", now this is done automatically as part of this PR. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'pkg/cgroups/cgroups_unsupported.go')
-rw-r--r--pkg/cgroups/cgroups_unsupported.go6
1 files changed, 6 insertions, 0 deletions
diff --git a/pkg/cgroups/cgroups_unsupported.go b/pkg/cgroups/cgroups_unsupported.go
index 9dc196e42..cd140fbf3 100644
--- a/pkg/cgroups/cgroups_unsupported.go
+++ b/pkg/cgroups/cgroups_unsupported.go
@@ -6,3 +6,9 @@ package cgroups
func IsCgroup2UnifiedMode() (bool, error) {
return false, nil
}
+
+// UserOwnsCurrentSystemdCgroup checks whether the current EUID owns the
+// current cgroup.
+func UserOwnsCurrentSystemdCgroup() (bool, error) {
+ return false, nil
+}