From 3b6cb8fabb2695df6518ee598abb945044afc758 Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Wed, 9 Jun 2021 13:55:03 +0200
Subject: container: ignore named hierarchies

when looking up the container cgroup, ignore named hierarchies since
containers running systemd as payload will create a sub-cgroup and
move themselves there.

Closes: https://github.com/containers/podman/issues/10602

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 libpod/container.go | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'libpod')

diff --git a/libpod/container.go b/libpod/container.go
index c6f0cd618..4b9bea5fc 100644
--- a/libpod/container.go
+++ b/libpod/container.go
@@ -957,6 +957,12 @@ func (c *Container) cGroupPath() (string, error) {
 	// is the libpod-specific one we're looking for.
 	//
 	// See #8397 on the need for the longest-path look up.
+	//
+	// And another workaround for containers running systemd as the payload.
+	// containers running systemd moves themselves into a child subgroup of
+	// the named systemd cgroup hierarchy.  Ignore any named cgroups during
+	// the lookup.
+	// See #10602 for more details.
 	procPath := fmt.Sprintf("/proc/%d/cgroup", c.state.PID)
 	lines, err := ioutil.ReadFile(procPath)
 	if err != nil {
@@ -972,6 +978,10 @@ func (c *Container) cGroupPath() (string, error) {
 			logrus.Debugf("Error parsing cgroup: expected 3 fields but got %d: %s", len(fields), procPath)
 			continue
 		}
+		// Ignore named cgroups like name=systemd.
+		if bytes.Contains(fields[1], []byte("=")) {
+			continue
+		}
 		path := string(fields[2])
 		if len(path) > len(cgroupPath) {
 			cgroupPath = path
-- 
cgit v1.2.3-54-g00ecf