[FFe] Add cgmanager support

Bug #1297363 reported by Stéphane Graber on 2014-03-25
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
systemd (Ubuntu)
Undecided
Unassigned

Bug Description

I'd like to add cgmanager support to systemd-logind so that in environment where it doesn't have direct access to the cgroup hierarchy (most notably unprivileged LXC containers), it'll be able to use cgmanager to perform all the operations it needs.

This is implemented through a patch directly against our current version of systemd, this isn't upstreamable code as it's a bit hackish and current upstream systemd has now switched logind to using the systemd cgroup API rather than performing direct accesses.

The change in question is available at: https://code.launchpad.net/~stgraber/ubuntu/trusty/systemd/logind-cgmanager/+merge/211649

This has been reviewd by Serge Hallyn (author of cgmanager) and Martin Pitt and tested quite a bit here, so I'm pretty confident this will work as intended.

For systems that do not ship cgmanager (currently everyone but those using LXC), logind will use the old code path without any change whatsoever, for those with cgmanager installed (detected by the presence of /sys/fs/cgroup/cgmanager/sock), logind will attempt to connect to it and use it. If the connection fails, it'll fallback to using the filesystem directly.

I'm sorry for the late FFe, but this was stuck on the security team processing the MIR of cgmanager which took a couple of months... It finally got accepted earlier this week and I'm planning to upload LXC 1.0.2 later this week which will pull it into main, then followed shortly by systemd should this FFe be approved.

Landing would happen right after Beta 2 is out.

Steve Langasek (vorlon) wrote :

FFe approved.

Changed in systemd (Ubuntu):
status: New → Invalid
Steve Langasek (vorlon) on 2014-03-28
Changed in systemd (Ubuntu):
status: Invalid → Confirmed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package systemd - 204-5ubuntu14

---------------
systemd (204-5ubuntu14) trusty; urgency=medium

  [ Steve Langasek ]
  * Do proper refcounting of the PAM module package on prerm, so that we
    don't drop the module from the PAM config when uninstalling a
    foreign-arch package. Related to Ubuntu bug #1295521.

  [ Stéphane Graber ]
  * Add cgmanager support to logind. This will use the cgmanager socket
    instead of cgroupfs when cgmanager is available. Otherwise it'll simply
    fallback on the cgroupfs code. (LP: #1297363)
 -- Stephane Graber <email address hidden> Tue, 01 Apr 2014 20:02:35 -0400

Changed in systemd (Ubuntu):
status: Confirmed → Fix Released
Julien Aubin (gojulgarbmail) wrote :

Hi,

This fix causes a regression when /usr is not mounted on the same partition as /. See bug report 1301544

Stéphane Graber (stgraber) wrote :

Thanks for the report and sorry for missing this... we did make sure cgmanager would land in / and not /usr but apparently we missing the libraries, we should have a fix uploaded shortly.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers