cgroup: rmdir the entire systemd scope

commit 7ea7617 caused a regression on cgroup v1, and some directories that are created manually are not cleaned up on container termination causing a cgroup leak. Fix it by deleting the entire systemd scope directory instead of deleting only the final cgroup. Closes: containers#1144 Signed-off-by: Giuseppe Scrivano <[email protected]>
giuseppe · Feb 19, 2023 · e9f2515 · e9f2515
1 parent 04a2c9e
commit e9f2515
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/src/libcrun/cgroup-systemd.c b/src/libcrun/cgroup-systemd.c
@@ -955,6 +955,8 @@ static int
 libcrun_destroy_cgroup_systemd (struct libcrun_cgroup_status *cgroup_status,
                                 libcrun_error_t *err)
 {
+  cleanup_free char *path_to_scope = NULL;
+  char *tmp;
   int mode;
   int ret;
 
@@ -970,7 +972,12 @@ libcrun_destroy_cgroup_systemd (struct libcrun_cgroup_status *cgroup_status,
   if (UNLIKELY (ret < 0))
     crun_error_release (err);
 
-  return destroy_cgroup_path (cgroup_status->path, mode, err);
+  path_to_scope = xstrdup (cgroup_status->path);
+  tmp = strstr (path_to_scope, cgroup_status->scope);
+  if (tmp)
+    tmp[strlen(cgroup_status->scope)] = '\0';
+
+  return destroy_cgroup_path (path_to_scope, mode, err);
 }
 
 static int