check whether /sys/fs/cgroup is a mountpoint
The current check only tries to detect whether /sys/fs/cgroup exists and whether it is writable or not. But when the init system doesn't mount cgroups then /sys/fs/cgroup will just be an empty directory. When paired with unprivileged containers that mount sysfs this will cause misleading errors to be printed since /sys/fs/cgroup will be owned by user nobody:nogroup in this case. Independent of this specific problem this check will also be misleading when the /sys/fs/cgroup exists and is in fact writable by the init system but isn't actually a mountpoint. Note from William. "grep -qs" doesn't need to redirect output to /dev/null since it is completely silent. This fixes #209.
This commit is contained in:
parent
38032626a6
commit
16ff3cd8df
@ -260,9 +260,12 @@ for _cmd; do
|
||||
# Apply cgroups settings if defined
|
||||
if [ "$(command -v cgroup_add_service)" = "cgroup_add_service" ]
|
||||
then
|
||||
if [ -d /sys/fs/cgroup -a ! -w /sys/fs/cgroup ]; then
|
||||
eerror "No permission to apply cgroup settings"
|
||||
break
|
||||
if grep -qs /sys/fs/cgroup /proc/1/mountinfo
|
||||
then
|
||||
if [ -d /sys/fs/cgroup -a ! -w /sys/fs/cgroup ]; then
|
||||
eerror "No permission to apply cgroup settings"
|
||||
break
|
||||
fi
|
||||
fi
|
||||
cgroup_add_service
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user