chmod container cgroup 775

so that container root can create sub-cgroups Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>

chmod container cgroup 775
c0888dfe · Serge Hallyn · 95adfe93 · c0888dfe
Commit c0888dfe authored Mar 06, 2016 by Serge Hallyn
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 1 deletion

cgfsng.c src/lxc/cgfsng.c +11 -1

No files found.
--- a/src/lxc/cgfsng.c
+++ b/src/lxc/cgfsng.c
@@ -1014,6 +1014,11 @@ struct chown_data {
 	uid_t origuid; // target uid in parent namespace
 };
+/*
+ * chgrp the container cgroups to container group.  We leave
+ * the container owner as cgroup owner.  So we must make the
+ * directories 775 so that the container can create sub-cgroups.
+ */
 static int chown_cgroup_wrapper(void *data)
 {
 	struct chown_data *arg = data;
@@ -1037,7 +1042,12 @@ static int chown_cgroup_wrapper(void *data)
 			free(fullpath);
 			return -1;
 		}
-		// TODO - do we need to chown tasks and cgroup.procs too?
+		if (chmod(fullpath, 0775) < 0) {
+			SYSERROR("Error chmoding %s\n", fullpath);
+			free(fullpath);
+			return -1;
+		}
 		free(fullpath);
 	}