Skip to content

Commit

Permalink
container: ignore named hierarchies
Browse files Browse the repository at this point in the history
when looking up the container cgroup, ignore named hierarchies since
containers running systemd as payload will create a sub-cgroup and
move themselves there.

Closes: containers#10602

Signed-off-by: Giuseppe Scrivano <[email protected]>
  • Loading branch information
giuseppe committed Jun 10, 2021
1 parent d116beb commit 3b6cb8f
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 0 deletions.
10 changes: 10 additions & 0 deletions libpod/container.go
Original file line number Diff line number Diff line change
Expand Up @@ -957,6 +957,12 @@ func (c *Container) cGroupPath() (string, error) {
// is the libpod-specific one we're looking for.
//
// See #8397 on the need for the longest-path look up.
//
// And another workaround for containers running systemd as the payload.
// containers running systemd moves themselves into a child subgroup of
// the named systemd cgroup hierarchy. Ignore any named cgroups during
// the lookup.
// See #10602 for more details.
procPath := fmt.Sprintf("/proc/%d/cgroup", c.state.PID)
lines, err := ioutil.ReadFile(procPath)
if err != nil {
Expand All @@ -972,6 +978,10 @@ func (c *Container) cGroupPath() (string, error) {
logrus.Debugf("Error parsing cgroup: expected 3 fields but got %d: %s", len(fields), procPath)
continue
}
// Ignore named cgroups like name=systemd.
if bytes.Contains(fields[1], []byte("=")) {
continue
}
path := string(fields[2])
if len(path) > len(cgroupPath) {
cgroupPath = path
Expand Down
7 changes: 7 additions & 0 deletions test/e2e/systemd_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import (
"strings"
"time"

"github.com/containers/podman/v3/pkg/rootless"
. "github.com/containers/podman/v3/test/utils"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
Expand Down Expand Up @@ -115,6 +116,12 @@ WantedBy=multi-user.target
conData := result.InspectContainerToJSON()
Expect(len(conData)).To(Equal(1))
Expect(conData[0].Config.SystemdMode).To(BeTrue())

if CGROUPSV2 || !rootless.IsRootless() {
stats := podmanTest.Podman([]string{"stats", "--no-stream", ctrName})
stats.WaitWithDefaultTimeout()
Expect(stats.ExitCode()).To(Equal(0))
}
})

It("podman create container with systemd entrypoint triggers systemd mode", func() {
Expand Down

0 comments on commit 3b6cb8f

Please sign in to comment.