Details
-
Sub-task
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
Reviewed
Description
The container executor function write_pid_to_cgroup_as_root writes the PID of the newly launched container to the correct cgroup.procs file. However it checks if the file is mounted on a cgroup filesystem, and does that check using the magic number, which differs for v1 and v2. This should handle v1 or v2 filesystems as well.
/** * Write the pid of the current process to the cgroup file. * cgroup_file: Path to cgroup file where pid needs to be written to. */ static int write_pid_to_cgroup_as_root(const char* cgroup_file, pid_t pid) { int rc = 0; uid_t user = geteuid(); gid_t group = getegid(); if (change_effective_user(0, 0) != 0) { rc = -1; goto cleanup; } // statfs struct statfs buf; if (statfs(cgroup_file, &buf) == -1) { fprintf(LOGFILE, "Can't statfs file %s as node manager - %s\n", cgroup_file, strerror(errno)); rc = -1; goto cleanup; } else if (buf.f_type != CGROUP_SUPER_MAGIC) { fprintf(LOGFILE, "Pid file %s is not located on cgroup filesystem\n", cgroup_file); rc = -1; goto cleanup; }
Attachments
Issue Links
- links to