[lxc-devel] [lxc/master] start: only preserve CLONE_NEWCGROUP when supported
brauner on Github
lxc-bot at linuxcontainers.org
Mon Nov 6 22:24:49 UTC 2017
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20171106/0c54fdd5/attachment.bin>
-------------- next part --------------
From baed7c1b584423a121cdf21c39d89cbb006b76bc Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 6 Nov 2017 23:24:01 +0100
Subject: [PATCH] start: only preserve CLONE_NEWCGROUP when supported
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/start.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index fe76b2357..ca80136d5 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1402,13 +1402,15 @@ static int lxc_spawn(struct lxc_handler *handler)
if (lxc_sync_barrier_child(handler, LXC_SYNC_READY_START))
return -1;
- ret = lxc_preserve_ns(handler->pid, "cgroup");
- if (ret < 0) {
- ERROR("%s - Failed to preserve cgroup namespace", strerror(errno));
- goto out_delete_net;
+ if (cgns_supported()) {
+ ret = lxc_preserve_ns(handler->pid, "cgroup");
+ if (ret < 0) {
+ ERROR("%s - Failed to preserve cgroup namespace", strerror(errno));
+ goto out_delete_net;
+ }
+ handler->nsfd[LXC_NS_CGROUP] = ret;
+ DEBUG("Preserved cgroup namespace via fd %d", ret);
}
- handler->nsfd[LXC_NS_CGROUP] = ret;
- DEBUG("Preserved cgroup namespace via fd %d", ret);
if (lxc_network_recv_name_and_ifindex_from_child(handler) < 0) {
ERROR("Failed to receive names and ifindices for network "
More information about the lxc-devel
mailing list