On 06/07/2011 02:32 PM, Michal Hocko wrote: > We cannot setup file or directory permissions in (/etc/cgconfig.conf) > configuration file while we can do this with available tools. > This patch adds new two options fperm, dperm. > Task section supports only fperm, because there are no directories > involved while admin section supports both of them. > > Example: > /etc/cgconfig.conf: > mount { > cpu = /dev/cpuctl; > } > group devel { > perm { > task { > uid = root; > gid = cgroup; > fperm = 660; > } > admin { > uid = root; > gid = cgroup; > dperm = 775; > } > } > cpu { > cpu.shares = 5120; > } > } > > $ tools/cgconfigparser -l /etc/cgconfig.conf > $ ls -la /dev/cpuctl/devel/ > total 0 > drwxrwxr-x 2 root cgroup 0 May 13 15:22 . > drwxr-xr-x 3 root root 0 May 13 15:22 .. > -rw-r--r-- 1 root cgroup 0 May 13 15:22 cgroup.clone_children > --w--w--w- 1 root cgroup 0 May 13 15:22 cgroup.event_control > -r--r--r-- 1 root cgroup 0 May 13 15:22 cgroup.procs > -rw-r--r-- 1 root cgroup 0 May 13 15:22 cpu.rt_period_us > -rw-r--r-- 1 root cgroup 0 May 13 15:22 cpu.rt_runtime_us > -rw-r--r-- 1 root cgroup 0 May 13 15:22 cpu.shares > -rw-r--r-- 1 root cgroup 0 May 13 15:22 notify_on_release > -rw-rw---- 1 root cgroup 0 May 13 15:22 tasks > > This patch enhances parser callbacks to initialize cgroup->task_fperm > and cgroup->control_[fd]perm and forces chmod at general > cgroup_create_cgroup level. This is safe because everybody who uses > cgroup has those values initialized to -1 unless they are set and then > they should be used. > > Signed-off-by: Michal Hocko <mho...@suse.cz>
Acked-By: Jan Safranek <jsafr...@redhat.com> > --- > src/api.c | 11 +++++++++++ > src/config.c | 24 ++++++++++++++++++++++++ > 2 files changed, 35 insertions(+), 0 deletions(-) > > diff --git a/src/api.c b/src/api.c > index f295102..0f308af 100644 > --- a/src/api.c > +++ b/src/api.c > @@ -1475,6 +1475,13 @@ int cgroup_create_cgroup(struct cgroup *cgroup, int > ignore_ownership) > cgroup_dbg("Changing ownership of %s\n", fts_path[0]); > error = cg_chown_recursive(fts_path, > cgroup->control_uid, cgroup->control_gid); > + if (!error) { > + error = > cg_chmod_recursive_controller(fts_path[0], > + cgroup->control_dperm, > + cgroup->control_dperm != > NO_PERMS, > + cgroup->control_fperm, > + cgroup->control_fperm != > NO_PERMS); > + } > } > > if (error) > @@ -1521,11 +1528,15 @@ int cgroup_create_cgroup(struct cgroup *cgroup, int > ignore_ownership) > } > error = chown(path, cgroup->tasks_uid, > cgroup->tasks_gid); > + if (!error && cgroup->task_fperm != NO_PERMS) > + error = chmod(path, cgroup->task_fperm); > + > if (error) { > last_errno = errno; > error = ECGOTHER; > goto err; > } > + > } > free(base); > base = NULL; > diff --git a/src/config.c b/src/config.c > index 92d8227..3e67b4f 100644 > --- a/src/config.c > +++ b/src/config.c > @@ -234,6 +234,14 @@ int cgroup_config_group_task_perm(char *perm_type, char > *value) > config_cgroup->tasks_gid = val; > } > > + if (!strcmp(perm_type, "fperm")) { > + char *endptr; > + val = strtol(value, &endptr, 8); > + if (*endptr) > + goto group_task_error; > + config_cgroup->task_fperm = val; > + } > + > free(perm_type); > free(value); > return 1; > @@ -300,6 +308,22 @@ int cgroup_config_group_admin_perm(char *perm_type, char > *value) > config_cgroup->control_gid = val; > } > > + if (!strcmp(perm_type, "fperm")) { > + char *endptr; > + val = strtol(value, &endptr, 8); > + if (*endptr) > + goto admin_error; > + config_cgroup->control_fperm = val; > + } > + > + if (!strcmp(perm_type, "dperm")) { > + char *endptr; > + val = strtol(value, &endptr, 8); > + if (*endptr) > + goto admin_error; > + config_cgroup->control_dperm = val; > + } > + > free(perm_type); > free(value); > return 1; ------------------------------------------------------------------------------ EditLive Enterprise is the world's most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev _______________________________________________ Libcg-devel mailing list Libcg-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/libcg-devel