Hi,
this is just a first RFC for permissions setting consolidation.
Currently we cannot specify permissions for subsystems files and
directories in the configuration file while we can do that by cgcreate
tool. 
The tool, however, changes permissions blindly without considering
which of them make sense for particular files. One example is
cgroup.event_control which is supposed to be write only.
# cgcreate -a root:cgroup -f 775 -g cpu:foo
foo# ls -l                                                                      
                                 
-rwxrwxr-x 1 root cgroup 0 May 19 11:17 cgroup.clone_children                   
                                                          
-rwxrwxr-x 1 root cgroup 0 May 19 11:17 cgroup.event_control                    
                                                          
-rwxrwxr-x 1 root cgroup 0 May 19 11:17 cgroup.procs                            
                                                          
-rwxrwxr-x 1 root cgroup 0 May 19 11:17 cpu.rt_period_us                        
                                                          
-rwxrwxr-x 1 root cgroup 0 May 19 11:17 cpu.rt_runtime_us                       
                                                          
-rwxrwxr-x 1 root cgroup 0 May 19 11:17 cpu.shares
-rwxrwxr-x 1 root cgroup 0 May 19 11:17 notify_on_release
-rwxrwxr-x 1 root cgroup 0 May 19 11:17 tasks

This patchset adds possibility to do the same thing as cgcreate in
configuration file and changes the way how we set file permissions.

Patch 1 is just preparatory and adds file/directory permissions fields
into cgroup so that we can set them from the configuration.

Patch 2 is just a clean up. I guess it might be a controversial a bit
because it changes API. I can drop it easily if you do not like it. I
just think that we do not need any special flag if we can use -1 for
mode_t which can be never used for any permissions.

Patch 3 actually adds the file permissions handling into configuration.

Patch 4 changes the way how we set file and directory permissions. As
Jan suggested in the previous discussions we use owner file permissions
as an umask for group and others permissions.

Michal Hocko (4):
  Add file and directory permissions into cgroup
  cg_chmod_recursive: use -1U for unitialized perm parameters
  cgconfig: enable setting file permissions
  cg_chmod_file: Use owner permissions as umask for other permissions

 include/libcgroup/groups.h |    8 ++----
 src/api.c                  |   56 ++++++++++++++++++++++++++++++++++---------
 src/config.c               |   30 +++++++++++++++++++++++
 src/libcgroup-internal.h   |    3 ++
 src/tools/cgcreate.c       |   14 ++++-------
 src/wrapper.c              |   15 +++++++++++-
 6 files changed, 99 insertions(+), 27 deletions(-)

-- 
1.7.4.4


------------------------------------------------------------------------------
What Every C/C++ and Fortran developer Should Know!
Read this article and learn how Intel has extended the reach of its 
next-generation tools to help Windows* and Linux* C/C++ and Fortran 
developers boost performance applications - including clusters. 
http://p.sf.net/sfu/intel-dev2devmay
_______________________________________________
Libcg-devel mailing list
Libcg-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/libcg-devel

Reply via email to