[gentoo-commits] proj/openrc:master commit in: sh/

Wed, 14 Sep 2016 12:00:57 -0700 

commit:     c4d7e02abd7008b8e8ad16f62c2abbb60fab252b
Author:     William Hubbs <w.d.hubbs <AT> gmail <DOT> com>
AuthorDate: Wed Sep 14 16:08:48 2016 +0000
Commit:     William Hubbs <williamh <AT> gentoo <DOT> org>
CommitDate: Wed Sep 14 17:34:42 2016 +0000
URL:        https://gitweb.gentoo.org/proj/openrc.git/commit/?id=c4d7e02a

Fix permission checks for cgroups

This is needed because containers may give read access to cgroups but
not allow the settings to be changed.

 sh/rc-cgroup.sh.in | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/sh/rc-cgroup.sh.in b/sh/rc-cgroup.sh.in
index 20b2c6e..5987f96 100644
--- a/sh/rc-cgroup.sh.in
+++ b/sh/rc-cgroup.sh.in
@@ -53,7 +53,7 @@ cgroup_set_values()
        while [ -n "$1" -a "$controller" != "cpuacct" ]; do
                case "$1" in
                        $controller.*)
-                               if [ -n "$name" -a -f "$cgroup/$name" -a -n 
"$val" ]; then
+                               if [ -n "$name" -a -w "$cgroup/$name" -a -n 
"$val" ]; then
                                        veinfo "$RC_SVCNAME: Setting 
$cgroup/$name to $val"
                                        printf "%s" "$val" > "$cgroup/$name"
                                fi
@@ -68,12 +68,12 @@ cgroup_set_values()
                esac
                shift
        done
-       if [ -n "$name" -a -f "$cgroup/$name" -a -n "$val" ]; then
+       if [ -n "$name" -a -w "$cgroup/$name" -a -n "$val" ]; then
                veinfo "$RC_SVCNAME: Setting $cgroup/$name to $val"
                printf "%s" "$val" > "$cgroup/$name"
        fi
 
-       if [ -f "$cgroup/tasks" ]; then
+       if [ -w "$cgroup/tasks" ]; then
                veinfo "$RC_SVCNAME: adding to $cgroup/tasks"
                printf "%d" 0 > "$cgroup/tasks"
        fi
@@ -88,14 +88,14 @@ cgroup_add_service()
     # cgroups. But may lead to a problems where that inheriting
     # is needed.
        for d in /sys/fs/cgroup/* ; do
-               [ -f "${d}"/tasks ] && printf "%d" 0 > "${d}"/tasks
+               [ -w "${d}"/tasks ] && printf "%d" 0 > "${d}"/tasks
        done
 
        openrc_cgroup=/sys/fs/cgroup/openrc
        if [ -d "$openrc_cgroup" ]; then
                cgroup="$openrc_cgroup/$RC_SVCNAME"
                mkdir -p "$cgroup"
-               [ -f "$cgroup/tasks" ] && printf "%d" 0 > "$cgroup/tasks"
+               [ -w "$cgroup/tasks" ] && printf "%d" 0 > "$cgroup/tasks"
        fi
 }

Reply via email to