Currently we cannot specify permissions for subsystems files and directories in the configuration file while we can do that by cgcreate tool. The tool, however, changes permissions blindly without considering which of them make sense for particular files. One example is cgroup.event_control which is supposed to be write only. # cgcreate -a root:cgroup -f 775 -g cpu:foo foo# ls -l -rwxrwxr-x 1 root cgroup 0 May 19 11:17 cgroup.clone_children -rwxrwxr-x 1 root cgroup 0 May 19 11:17 cgroup.event_control -rwxrwxr-x 1 root cgroup 0 May 19 11:17 cgroup.procs -rwxrwxr-x 1 root cgroup 0 May 19 11:17 cpu.rt_period_us -rwxrwxr-x 1 root cgroup 0 May 19 11:17 cpu.rt_runtime_us -rwxrwxr-x 1 root cgroup 0 May 19 11:17 cpu.shares -rwxrwxr-x 1 root cgroup 0 May 19 11:17 notify_on_release -rwxrwxr-x 1 root cgroup 0 May 19 11:17 tasks
This patchset adds possibility to do the same thing as cgcreate in configuration file and changes the way how we set file permissions. Patch 1 is just preparatory and adds file/directory permissions fields into cgroup so that we can set them from the configuration. Patch 2 actually adds the file permissions handling into configuration. Patch 3 changes the way how we set file and directory permissions. As Jan suggested in the previous discussions we use owner file permissions as an umask for group and others permissions. Changes since v3: * rebase on top of the current git * use cg_chmod_recursive_controller rather than cg_chmod_recursive * get rid of cg_owner_mask_chmod_recursive and __cg_chmod_recursive * intriduced set_file_permissions * do not export cg_chmod_path Changes since v2: * introduced cg_owner_mask_chmod_recursive rather than change cg_chmod_recursive semantic * export cg_owner_mask_chmod_recursive into the public API correctly * got rid of hardcoded -1 for uninitialized permisions and use NO_PERMS constant instead. * dropped patch to change cg_chmod_recursive parameters because it changes ABI. Michal Hocko (3): Add file and directory permissions into cgroup cgconfig: enable setting file permissions chmod_file: Introduce intelligent file permissions setting include/libcgroup/groups.h | 12 +++++++ src/api.c | 71 +++++++++++++++++++++++++++++++++++++------ src/config.c | 32 ++++++++++++++++++++ src/libcgroup-internal.h | 14 ++++++++ src/libcgroup.map | 2 +- src/tools/cgcreate.c | 5 ++- src/wrapper.c | 15 ++++++++- 7 files changed, 137 insertions(+), 14 deletions(-) -- 1.7.5.3 ------------------------------------------------------------------------------ EditLive Enterprise is the world's most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev _______________________________________________ Libcg-devel mailing list Libcg-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/libcg-devel
