diff options
author | Giuseppe Scrivano <gscrivan@redhat.com> | 2019-07-12 11:44:36 +0200 |
---|---|---|
committer | Giuseppe Scrivano <gscrivan@redhat.com> | 2019-07-12 12:11:06 +0200 |
commit | 6c8ceaf21ef0a5af55f62c63295ce930a6db8b8e (patch) | |
tree | ca6dbf34e98b357d7d0beca9302f7652748f7fb4 /pkg/cgroups | |
parent | 144567b42dba2c8c426538a4b5fe7d718b43284a (diff) | |
download | podman-6c8ceaf21ef0a5af55f62c63295ce930a6db8b8e.tar.gz podman-6c8ceaf21ef0a5af55f62c63295ce930a6db8b8e.tar.bz2 podman-6c8ceaf21ef0a5af55f62c63295ce930a6db8b8e.zip |
cgroupsv2: do not enable controllers for the last component
do not automatically enable the controllers for the last path
component. It is necessary as once there are enabled controllers in a
cgroup, it won't possible to add processes to it.
Fix conmon being moved to the correct cgroup path when using
--cgroup-manager cgroupfs.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'pkg/cgroups')
-rw-r--r-- | pkg/cgroups/cgroups.go | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/pkg/cgroups/cgroups.go b/pkg/cgroups/cgroups.go index 1dad45d7f..fc9847a51 100644 --- a/pkg/cgroups/cgroups.go +++ b/pkg/cgroups/cgroups.go @@ -187,8 +187,12 @@ func createCgroupv2Path(path string) (Err error) { }() } } - if err := ioutil.WriteFile(filepath.Join(current, "cgroup.subtree_control"), resByte, 0755); err != nil { - return errors.Wrapf(err, "write %s", filepath.Join(current, "cgroup.subtree_control")) + // We enable the controllers for all the path components except the last one. It is not allowed to add + // PIDs if there are already enabled controllers. + if i < len(elements[3:])-1 { + if err := ioutil.WriteFile(filepath.Join(current, "cgroup.subtree_control"), resByte, 0755); err != nil { + return errors.Wrapf(err, "write %s", filepath.Join(current, "cgroup.subtree_control")) + } } } return nil |