diff options
| author | Giuseppe Scrivano <gscrivan@redhat.com> | 2019-09-06 15:30:30 +0200 | 
|---|---|---|
| committer | Giuseppe Scrivano <gscrivan@redhat.com> | 2019-09-12 08:35:26 +0200 | 
| commit | afd0818326aa37f03a3bc74f0269a06a403db16d (patch) | |
| tree | 8ebc91774297027f2c244b22a4428222d42fa3ad /vendor/github.com/fsouza/go-dockerclient/internal/archive/archive_unix.go | |
| parent | b94a5e241095a55a6838970148d296e109b2afd1 (diff) | |
| download | podman-afd0818326aa37f03a3bc74f0269a06a403db16d.tar.gz podman-afd0818326aa37f03a3bc74f0269a06a403db16d.tar.bz2 podman-afd0818326aa37f03a3bc74f0269a06a403db16d.zip | |
rootless: automatically create a systemd scope
when running in rootless mode and using systemd as cgroup manager
create automatically a systemd scope when the user doesn't own the
current cgroup.
This solves a couple of issues:
on cgroup v2 it is necessary that a process before it can moved to a
different cgroup tree must be in a directory owned by the unprivileged
user.  This is not always true, e.g. when creating a session with su
-l.
Closes: https://github.com/containers/libpod/issues/3937
Also, for running systemd in a container it was before necessary to
specify "systemd-run --scope --user podman ...", now this is done
automatically as part of this PR.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'vendor/github.com/fsouza/go-dockerclient/internal/archive/archive_unix.go')
0 files changed, 0 insertions, 0 deletions
