From fd8d332a4e440462f2dc8fbd1de4c291187fd92a Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Fri, 10 Sep 2021 10:06:45 +0200
Subject: test: enable --cgroup-parent test

and fix it for running with runc.

Closes: https://github.com/containers/podman/issues/11165

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 libpod/container_internal_linux.go | 10 +++++-----
 test/e2e/run_cgroup_parent_test.go | 32 ++++++++++++++------------------
 2 files changed, 19 insertions(+), 23 deletions(-)

diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index eabe8efd2..ae029dc62 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -2489,11 +2489,6 @@ func (c *Container) getOCICgroupPath() (string, error) {
 	switch {
 	case c.config.NoCgroups:
 		return "", nil
-	case (rootless.IsRootless() && (cgroupManager == config.CgroupfsCgroupsManager || !unified)):
-		if !isRootlessCgroupSet(c.config.CgroupParent) {
-			return "", nil
-		}
-		return c.config.CgroupParent, nil
 	case c.config.CgroupsMode == cgroupSplit:
 		if c.config.CgroupParent != "" {
 			return c.config.CgroupParent, nil
@@ -2510,6 +2505,11 @@ func (c *Container) getOCICgroupPath() (string, error) {
 		systemdCgroups := fmt.Sprintf("%s:libpod:%s", path.Base(c.config.CgroupParent), c.ID())
 		logrus.Debugf("Setting CGroups for container %s to %s", c.ID(), systemdCgroups)
 		return systemdCgroups, nil
+	case (rootless.IsRootless() && (cgroupManager == config.CgroupfsCgroupsManager || !unified)):
+		if c.config.CgroupParent == "" || !isRootlessCgroupSet(c.config.CgroupParent) {
+			return "", nil
+		}
+		fallthrough
 	case cgroupManager == config.CgroupfsCgroupsManager:
 		cgroupPath := filepath.Join(c.config.CgroupParent, fmt.Sprintf("libpod-%s", c.ID()))
 		logrus.Debugf("Setting CGroup path for container %s to %s", c.ID(), cgroupPath)
diff --git a/test/e2e/run_cgroup_parent_test.go b/test/e2e/run_cgroup_parent_test.go
index 82b6c3057..e0e1d4b1d 100644
--- a/test/e2e/run_cgroup_parent_test.go
+++ b/test/e2e/run_cgroup_parent_test.go
@@ -13,6 +13,8 @@ import (
 	. "github.com/onsi/gomega/gexec"
 )
 
+const cgroupRoot = "/sys/fs/cgroup"
+
 var _ = Describe("Podman run with --cgroup-parent", func() {
 	var (
 		tempdir    string
@@ -64,7 +66,6 @@ var _ = Describe("Podman run with --cgroup-parent", func() {
 	})
 
 	Specify("always honor --cgroup-parent", func() {
-		Skip("https://github.com/containers/podman/issues/11165")
 		SkipIfCgroupV1("test not supported in cgroups v1")
 		if Containerized() || podmanTest.CgroupManager == "cgroupfs" {
 			Skip("Requires Systemd cgroup manager support")
@@ -78,36 +79,31 @@ var _ = Describe("Podman run with --cgroup-parent", func() {
 		Expect(run).Should(Exit(0))
 		cid := run.OutputToString()
 
-		exec := podmanTest.Podman([]string{"exec", cid, "cat", "/proc/self/cgroup"})
+		exec := podmanTest.Podman([]string{"exec", cid, "cat", "/proc/1/cgroup"})
 		exec.WaitWithDefaultTimeout()
 		Expect(exec).Should(Exit(0))
 
 		containerCgroup := strings.TrimRight(strings.Replace(exec.OutputToString(), "0::", "", -1), "\n")
 
-		content, err := ioutil.ReadFile(filepath.Join("/sys/fs/cgroup", containerCgroup, "cgroup.procs"))
-		Expect(err).To(BeNil())
-
 		// Move the container process to a sub cgroup
-		subCgroupPath := filepath.Join(filepath.Join("/sys/fs/cgroup", containerCgroup, "old-container"))
-
-		err = os.MkdirAll(subCgroupPath, 0755)
+		content, err := ioutil.ReadFile(filepath.Join(cgroupRoot, containerCgroup, "cgroup.procs"))
 		Expect(err).To(BeNil())
-
-		err = ioutil.WriteFile(filepath.Join(subCgroupPath, "cgroup.procs"), content, 0644)
+		oldSubCgroupPath := filepath.Join(filepath.Join(cgroupRoot, containerCgroup, "old-container"))
+		err = os.MkdirAll(oldSubCgroupPath, 0755)
+		Expect(err).To(BeNil())
+		err = ioutil.WriteFile(filepath.Join(oldSubCgroupPath, "cgroup.procs"), content, 0644)
 		Expect(err).To(BeNil())
 
-		cgroup := filepath.Dir(containerCgroup)
+		newCgroup := fmt.Sprintf("%s/new-container", containerCgroup)
+		err = os.MkdirAll(filepath.Join(cgroupRoot, newCgroup), 0755)
+		Expect(err).To(BeNil())
 
-		run = podmanTest.Podman([]string{"--cgroup-manager=cgroupfs", "run", "-d", fmt.Sprintf("--cgroup-parent=%s", cgroup), fedoraMinimal, "sleep", "100"})
+		run = podmanTest.Podman([]string{"--cgroup-manager=cgroupfs", "run", "--rm", "--cgroupns=host", fmt.Sprintf("--cgroup-parent=%s", newCgroup), fedoraMinimal, "cat", "/proc/self/cgroup"})
 		run.WaitWithDefaultTimeout()
 		Expect(run).Should(Exit(0))
+		cgroupEffective := strings.TrimRight(strings.Replace(run.OutputToString(), "0::", "", -1), "\n")
 
-		exec = podmanTest.Podman([]string{"exec", cid, "cat", "/proc/self/cgroup"})
-		exec.WaitWithDefaultTimeout()
-		Expect(exec).Should(Exit(0))
-		cgroupEffective := filepath.Dir(strings.TrimRight(strings.Replace(exec.OutputToString(), "0::", "", -1), "\n"))
-
-		Expect(cgroupEffective).To(Equal(cgroup))
+		Expect(newCgroup).To(Equal(filepath.Dir(cgroupEffective)))
 	})
 
 	Specify("valid --cgroup-parent using slice", func() {
-- 
cgit v1.2.3-54-g00ecf