On Do, 11.07.19 09:57, Michal Koutný (mkou...@suse.com) wrote:
> On Thu, Jun 20, 2019 at 02:19:34PM +0200, Lennart Poettering
> wrote:
> > Sorry, but there is not, it's not safe, as documented.
>
> The doc [1] says:
> > Think twice before delegating cgroup v1 controllers to less privileged
> >
On Thu, Jun 20, 2019 at 02:19:34PM +0200, Lennart Poettering
wrote:
> Sorry, but there is not, it's not safe, as documented.
The doc [1] says:
> Think twice before delegating cgroup v1 controllers to less privileged
> containers. It’s not safe, you basically allow your containers to
> freeze
On Mi, 19.06.19 17:33, John Lane (syst...@jelmail.com) wrote:
>
> I have a service which runs as an unprivileged user (User=foo) with
> delegated cgroup (Delegate=true) that wants to use the "memory" and
> "cpu" controllers. Systemd is using the hybrid mode with both v1 and v2
> cgroups, and the
I have a service which runs as an unprivileged user (User=foo) with
delegated cgroup (Delegate=true) that wants to use the "memory" and
"cpu" controllers. Systemd is using the hybrid mode with both v1 and v2
cgroups, and the controllers are assigned to the v1 groups.
Before I can use the "cpu"