cgroups: fix cgroup mounting

src/lxc/cgroups/cgfsng.c

@@ -1871,13 +1871,21 @@ __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops,
 		return cg_mount_cgroup_full(type, ops->unified, cgroup_root) == 0;
 	}
 
-	/* mount tmpfs */
-	ret = safe_mount_beneath(root, NULL, DEFAULT_CGROUP_MOUNTPOINT, "tmpfs",
+	/*
+	 * Mount a tmpfs over DEFAULT_CGROUP_MOUNTPOINT. Note that we're
+	 * relying on RESOLVE_BENEATH so we need to skip the leading "/" in the
+	 * DEFAULT_CGROUP_MOUNTPOINT define.
+	 */
+	ret = safe_mount_beneath(root, NULL,
+				 DEFAULT_CGROUP_MOUNTPOINT_RELATIVE,
+				 "tmpfs",
 				 MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_RELATIME,
 				 "size=10240k,mode=755");
 	if (ret < 0) {
 		if (errno != ENOSYS)
-			return false;
+			return log_error_errno(false, errno,
+					       "Failed to mount tmpfs on %s",
+					       DEFAULT_CGROUP_MOUNTPOINT);
 
 		ret = safe_mount(NULL, cgroup_root, "tmpfs",
 				 MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_RELATIME,

src/lxc/cgroups/cgroup.h

@@ -11,6 +11,7 @@
 #include "macro.h"
 #include "memory_utils.h"
 
+#define DEFAULT_CGROUP_MOUNTPOINT_RELATIVE "sys/fs/cgroup"
 #define DEFAULT_CGROUP_MOUNTPOINT "/sys/fs/cgroup"
 #define DEFAULT_PAYLOAD_CGROUP_PREFIX "lxc.payload."
 #define DEFAULT_MONITOR_CGROUP_PREFIX "lxc.monitor."

src/lxc/utils.c

@@ -1103,7 +1103,7 @@ int __safe_mount_beneath_at(int beneath_fd, const char *src, const char *dst, co
 
 	target_fd = openat2(beneath_fd, dst, &how, sizeof(how));
 	if (target_fd < 0)
-		return -errno;
+		return log_error_errno(-errno, errno, "Failed to open %d(%s)", beneath_fd, dst);
 	ret = snprintf(tgt_buf, sizeof(tgt_buf), "/proc/self/fd/%d", target_fd);
 	if (ret < 0 || ret >= sizeof(tgt_buf))
 		return -EIO;