Merge pull request #846 from hallyn/2016-02-24/cgns.auto

cgfs: do not automount if cgroup namespaces are supported

Merge pull request #846 from hallyn/2016-02-24/cgns.auto
e80ca772 · Stéphane Graber · 4f97fce4 · 4608594e · e80ca772 · e80ca772
Commit e80ca772 authored Feb 24, 2016 by Stéphane Graber
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 1 deletion

lxc.container.conf.sgml.in doc/lxc.container.conf.sgml.in +7 -1

cgfs.c src/lxc/cgfs.c +3 -0

No files found.
--- a/doc/lxc.container.conf.sgml.in
+++ b/doc/lxc.container.conf.sgml.in
@@ -912,7 +912,7 @@ proc proc proc nodev,noexec,nosuid 0 0
                  the container's own cgroup into that directory.
                  The container will be able to write to its own
                  cgroup directory, but not the parents, since they
-                  will be remounted read-only
+                  will be remounted read-only.
                </para>
              </listitem>
              <listitem>
@@ -987,6 +987,12 @@ proc proc proc nodev,noexec,nosuid 0 0
              </listitem>
            </itemizedlist>
            <para>
+	      If cgroup namespaces are enabled, then any <option>cgroup</option>
+	      auto-mounting request will be ignored, since the container can
+	      mount the filesystems itself, and automounting can confuse the
+	      container init.
+            </para>
+            <para>
              Note that if automatic mounting of the cgroup filesystem
              is enabled, the tmpfs under
              <filename>/sys/fs/cgroup</filename> will always be

--- a/src/lxc/cgfs.c
+++ b/src/lxc/cgfs.c
@@ -1356,6 +1356,9 @@ static bool cgroupfs_mount_cgroup(void *hdata, const char *root, int type)
 	struct cgroup_process_info *info, *base_info;
 	int r, saved_errno = 0;

+	if (cgns_supported())
+		return true;
+
 	cgfs_d = hdata;
 	if (!cgfs_d)
 		return false;