From 399c3a5e4bba2cbdab70af712b3ed75b48f4a761 Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Fri, 1 Jun 2018 13:13:48 +0200
Subject: oci: do not set the cgroup path in Rootless mode

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

Closes: #871
Approved by: mheon
---
 libpod/oci.go     | 30 ++++++++++++++++--------------
 libpod/runtime.go |  4 +++-
 2 files changed, 19 insertions(+), 15 deletions(-)

diff --git a/libpod/oci.go b/libpod/oci.go
index db0fd0d16..95bebdd88 100644
--- a/libpod/oci.go
+++ b/libpod/oci.go
@@ -349,23 +349,25 @@ func (r *OCIRuntime) createOCIContainer(ctr *Container, cgroupParent string) (er
 	childStartPipe.Close()
 
 	// Move conmon to specified cgroup
-	if r.cgroupManager == SystemdCgroupsManager {
-		unitName := createUnitName("libpod-conmon", ctr.ID())
+	if os.Getuid() == 0 {
+		if r.cgroupManager == SystemdCgroupsManager {
+			unitName := createUnitName("libpod-conmon", ctr.ID())
 
-		logrus.Infof("Running conmon under slice %s and unitName %s", cgroupParent, unitName)
-		if err = utils.RunUnderSystemdScope(cmd.Process.Pid, cgroupParent, unitName); err != nil {
-			logrus.Warnf("Failed to add conmon to systemd sandbox cgroup: %v", err)
-		}
-	} else {
-		cgroupPath := filepath.Join(ctr.config.CgroupParent, fmt.Sprintf("libpod-%s", ctr.ID()), "conmon")
-		control, err := cgroups.New(cgroups.V1, cgroups.StaticPath(cgroupPath), &spec.LinuxResources{})
-		if err != nil {
-			logrus.Warnf("Failed to add conmon to cgroupfs sandbox cgroup: %v", err)
+			logrus.Infof("Running conmon under slice %s and unitName %s", cgroupParent, unitName)
+			if err = utils.RunUnderSystemdScope(cmd.Process.Pid, cgroupParent, unitName); err != nil {
+				logrus.Warnf("Failed to add conmon to systemd sandbox cgroup: %v", err)
+			}
 		} else {
-			// we need to remove this defer and delete the cgroup once conmon exits
-			// maybe need a conmon monitor?
-			if err := control.Add(cgroups.Process{Pid: cmd.Process.Pid}); err != nil {
+			cgroupPath := filepath.Join(ctr.config.CgroupParent, fmt.Sprintf("libpod-%s", ctr.ID()), "conmon")
+			control, err := cgroups.New(cgroups.V1, cgroups.StaticPath(cgroupPath), &spec.LinuxResources{})
+			if err != nil {
 				logrus.Warnf("Failed to add conmon to cgroupfs sandbox cgroup: %v", err)
+			} else {
+				// we need to remove this defer and delete the cgroup once conmon exits
+				// maybe need a conmon monitor?
+				if err := control.Add(cgroups.Process{Pid: cmd.Process.Pid}); err != nil {
+					logrus.Warnf("Failed to add conmon to cgroupfs sandbox cgroup: %v", err)
+				}
 			}
 		}
 	}
diff --git a/libpod/runtime.go b/libpod/runtime.go
index b208bc718..05b8134b8 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -183,7 +183,9 @@ func NewRuntime(options ...RuntimeOption) (runtime *Runtime, err error) {
 
 	configPath := ConfigPath
 	foundConfig := true
-	if _, err := os.Stat(OverrideConfigPath); err == nil {
+	if os.Getuid() != 0 {
+		foundConfig = false
+	} else if _, err := os.Stat(OverrideConfigPath); err == nil {
 		// Use the override configuration path
 		configPath = OverrideConfigPath
 	} else if _, err := os.Stat(ConfigPath); err != nil {
-- 
cgit v1.2.3-54-g00ecf