Hello Casey, do you know why /sys/fs/cgroup/systemd has access="*" on Tizen? Where is that access set, and is it perhaps inherited by all files and directories created underneath it?
>From a running Tizen: # mount | grep /sys/fs/cgroup/systemd cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd) # chsmack /sys/fs/cgroup/systemd /sys/fs/cgroup/systemd access="*" # chsmack /sys/fs/cgroup/systemd/user.slice/user-5000.slice/cgroup.procs /sys/fs/cgroup/systemd/user.slice/user-5000.slice/cgroup.procs access="*" The reason for asking is a failure on "Tizen on Yocto" where the user session only comes up with security=none. I traced it down to /sys/fs/cgroup/systemd/user.slice/user-5000.slice/cgroup.procs having the "_" access label - see https://bugs.tizen.org/jira/browse/TC-1964?focusedCommentId=51744&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-51744 Because of that, "systemd --user" fails with "Failed to create root cgroup hierarchy: Permission denied". Ronan, do you remember doing anything special for this in previous versions of "Tizen on Yocto"? -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
