-
Notifications
You must be signed in to change notification settings - Fork 8
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add opencontainers/runc#617 (for more LXD nesting support)
- Loading branch information
Showing
2 changed files
with
49 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
| From a0e87bfc2d61d5c7e668b8298b5047bfcc79824a Mon Sep 17 00:00:00 2001 | ||
| Origin: https://github.com/opencontainers/runc/pull/617 | ||
| From: Serge Hallyn <[email protected]> | ||
| Date: Wed, 2 Mar 2016 21:00:38 -0800 | ||
| Subject: [PATCH] cgroup namespaces: ignore the mount.Root if we have cgroup | ||
| namespaces | ||
|
|
||
| In a cgroup namespace, you can mount cgroupfs, and your namespace | ||
| root (say /docker1) becomes the root of the cgroup filesystem. This | ||
| shows up as field 3 in the mountinfo. This is unfortunately | ||
| ambiguous with a cgroupfs bind mount, and in this case we cannot use | ||
| that root as a prefix for our cgroup, since as far as we are concerned | ||
| our cgroup is '/', not '/docker1'. | ||
|
|
||
| So if cgroup namespaces are enabled (/proc/$$/ns/cgroup exists), then | ||
| assume that we haven't done any silly cgroupfs bind mount trickery, | ||
| and ignore the fs root field. | ||
|
|
||
| Signed-off-by: Serge Hallyn <[email protected]> | ||
| --- | ||
| libcontainer/cgroups/utils.go | 7 ++++++- | ||
| 1 file changed, 6 insertions(+), 1 deletion(-) | ||
|
|
||
| diff --git a/vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/utils.go b/vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/utils.go | ||
| index 006800d..8fc67a9 100644 | ||
| --- a/vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/utils.go | ||
| +++ b/vendor/src/github.com/opencontainers/runc/libcontainer/cgroups/utils.go | ||
| @@ -124,6 +124,7 @@ func (m Mount) GetThisCgroupDir(cgroups map[string]string) (string, error) { | ||
| func getCgroupMountsHelper(ss map[string]bool, mi io.Reader) ([]Mount, error) { | ||
| res := make([]Mount, 0, len(ss)) | ||
| scanner := bufio.NewScanner(mi) | ||
| + cgroupNamespacesEnabled := PathExists("/proc/self/ns/cgroup") | ||
| for scanner.Scan() { | ||
| txt := scanner.Text() | ||
| sepIdx := strings.Index(txt, " - ") | ||
| @@ -136,7 +137,11 @@ func getCgroupMountsHelper(ss map[string]bool, mi io.Reader) ([]Mount, error) { | ||
| fields := strings.Split(txt, " ") | ||
| m := Mount{ | ||
| Mountpoint: fields[4], | ||
| - Root: fields[3], | ||
| + } | ||
| + if cgroupNamespacesEnabled { | ||
| + m.Root = "/" | ||
| + } else { | ||
| + m.Root = fields[3] | ||
| } | ||
| for _, opt := range strings.Split(fields[len(fields)-1], ",") { | ||
| if strings.HasPrefix(opt, cgroupNamePrefix) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters