Systemd provides pam_systemd.so for PAM module and for many commands, such as
su command, pam_systemd.so will be called and the process will be moved to the
cgroup that systemd managed.
Generally, if we move the bash process from its related session cgroup created
by systemd under /sys/fs/cgroup/systemd/user.slice to some other cgroup, then
systemd will move the new bash process into a new group named as
session-cxxxx.scope under /sys/fs/cgroup/systemd/user.slice after executing su
command.
We would like to manage the cgroups for a set of processes created by
ourselves, how to prevent systemd to do such routines, without disabling
pam_systemd in PAM module.
For example
the default cgroup root path is /sys/fs/cgroup.
When manually created 'bash' process with pid 12345 and session id 99999, then
systemd will create directory session-99999.scope under
/sys/fs/cgroup/systemd/user.slice/user-0.slice/ and place the process 12345
into it.
For other cgroups such as cpu or memory, the process 12345 will be placed into
eache user.slice directory under these cgroups bounded with subsystems
If we move the process with pid 12345 into other cgroup from
session-99999.scope, for example:
We move it from
/sys/fs/cgroup/systemd/user.slice/user-0.slice/session-99999.scope to
/sys/fs/cgroup/systemd/.
For cpu group, we move it form /sys/fs/cgroup/cpu/user.slice to
/sys/fs/cgroup/my_test_group.
Then we execute 'su xxx' command, created a new bash with pid 13333, then
Systemd will create a new session group named session-cxxxxx.scope, for
example, session-c10010.scope under
/sys/fs/cgroup/systemd/user.slice/user-0.slice/ and place the new process 13333
into it.
For the cpu group, the new process 13333 will be placed into user.slice instead
of the my_test_group.
_______________________________________________
systemd-devel mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
