This allows the user to set the cgroups manually before calling nspawn. --- src/nspawn/nspawn.c | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 2f7dd53..c67cab2 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -1053,6 +1053,21 @@ static int mount_cgroup_hierarchy(const char *dest, const char *controller, cons return 1; } +static int mount_cgroup_tmpfs(const char *cgroup_root) { + int r; + + r = path_is_mount_point(cgroup_root, false); + if (r < 0 && r != -ENOENT) + return log_error_errno(r, "Failed to determine if %s is mounted already: %m", cgroup_root); + if (r > 0) + return 0; + + if (mount("tmpfs", cgroup_root, "tmpfs", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, "mode=755") < 0) + return log_error_errno(errno, "Failed to mount tmpfs to /sys/fs/cgroup: %m"); + + return 1; +} + static int mount_cgroup(const char *dest) { _cleanup_set_free_free_ Set *controllers = NULL; _cleanup_free_ char *own_cgroup_path = NULL; @@ -1072,8 +1087,9 @@ static int mount_cgroup(const char *dest) { return log_error_errno(r, "Failed to determine our own cgroup path: %m"); cgroup_root = strjoina(dest, "/sys/fs/cgroup"); - if (mount("tmpfs", cgroup_root, "tmpfs", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, "mode=755") < 0) - return log_error_errno(errno, "Failed to mount tmpfs to /sys/fs/cgroup: %m"); + r = mount_cgroup_tmpfs(cgroup_root); + if (r < 0) + return r; for (;;) { _cleanup_free_ char *controller = NULL, *origin = NULL, *combined = NULL; -- 2.4.0 _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel