cgm all should work on unbound cgroups
Bug #1317687 reported by
Serge Hallyn
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cgmanager (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Fix Released
|
High
|
Unassigned |
Bug Description
=======
Impact: unprivileged users may not be able to start containers
Test case: log into a system without libpam-logind installed, so that you are in cgroup /.
sudo cgm create all c1
sudo chown all c1 $(id -u) $(id -g)
cgm movepid all c1 $$
lxc-create -t download -n c1 -- -d ubuntu -r trusty -a amd64
lxc-start -n c1
This should succeed, but will fail with warnings about the name=systemd cgroup.
=======
If a user does 'cgm movepid all xxx $$', they likely want to be moved into cgroup xxx for the name=systemd controller as well.
Changed in cgmanager (Ubuntu): | |
importance: | Undecided → High |
status: | New → Triaged |
Changed in cgmanager (Ubuntu Trusty): | |
importance: | Undecided → High |
status: | New → Confirmed |
description: | updated |
tags: |
added: verification-done removed: verification-needed |
To post a comment you must log in.
This bug was fixed in the package cgmanager - 0.26-0ubuntu2
---------------
cgmanager (0.26-0ubuntu2) utopic; urgency=low
* 0001-cgm- make-all- also-reference- name-systemd. patch: make cgm all
also act on the name=systemd container (LP: #1317687)
-- Serge Hallyn <email address hidden> Thu, 08 May 2014 17:58:29 -0500