On Wed, Jul 10, 2013 at 5:48 PM, Lennart Poettering <lenn...@poettering.net> wrote: > On Sat, 06.07.13 01:16, Marc-Antoine Perennou (marc-anto...@perennou.com) > wrote: > >> When creating the cgroup hierarchy for a user slice, >> chown this slice to the user uid. >> >> Signed-off-by: Marc-Antoine Perennou <marc-anto...@perennou.com> >> --- >> src/shared/cgroup-label.c | 8 ++++++++ >> 1 file changed, 8 insertions(+) >> >> diff --git a/src/shared/cgroup-label.c b/src/shared/cgroup-label.c >> index 574a7be..1891c9a 100644 >> --- a/src/shared/cgroup-label.c >> +++ b/src/shared/cgroup-label.c >> @@ -41,6 +41,7 @@ >> >> int cg_create(const char *controller, const char *path) { >> _cleanup_free_ char *fs = NULL; >> + uid_t uid = (uid_t) -1; >> int r; >> >> r = cg_get_path_and_check(controller, path, NULL, &fs); >> @@ -59,6 +60,13 @@ int cg_create(const char *controller, const char *path) { >> return -errno; >> } >> >> + r = cg_path_get_owner_uid(path, &uid); >> + if (r < 0 && r != -ENOENT) >> + return r; >> + >> + if (uid != (uid_t) -1) >> + chown(fs, uid, (gid_t) -1); >> + > > systemd in git will now grant access to the cgroup subtree in > user@.service to the specific user. That should solve the issue. (Note > that this means systemd --user will only work when run from > user@.service, as access to the cgroup tree is *not* granted for normal > sessions directly.)
can you elaborate what "normal" sessions are? Are we talking about `PAMName=systemd-shared` being the part that distinguishes them? Thanks, Auke _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel