[lxc-devel] [PATCH 2/3] c/r: escape cgroups before exec()ing criu
Tycho Andersen
tycho.andersen at canonical.com
Tue Dec 8 23:08:10 UTC 2015
Signed-off-by: Tycho Andersen <tycho.andersen at canonical.com>
---
src/lxc/criu.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/lxc/criu.c b/src/lxc/criu.c
index c0ce965..062289f 100644
--- a/src/lxc/criu.c
+++ b/src/lxc/criu.c
@@ -56,6 +56,18 @@ void exec_criu(struct criu_opts *opts)
char buf[4096];
+ /* If we are currently in a cgroup /foo/bar, and the container is in a
+ * cgroup /lxc/foo, lxcfs will give us an ENOENT if some task in the
+ * container has an open fd that points to one of the cgroup files
+ * (systemd always opens its "root" cgroup). So, let's escape to the
+ * /actual/ root cgroup so that lxcfs thinks criu has enough rights to
+ * see all cgroups.
+ */
+ if (!cgroup_escape()) {
+ ERROR("failed to escape cgroups");
+ return;
+ }
+
/* The command line always looks like:
* criu $(action) --tcp-established --file-locks --link-remap --force-irmap \
* --manage-cgroups action-script foo.sh -D $(directory) \
--
2.6.2
More information about the lxc-devel
mailing list