jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #344 from hqhq/hq_fix_systemd_device 

cgroups: always create device cgroup on systemd
This commit is contained in:
Victor Marmol 2015-01-29 11:39:07 -08:00
parent e05f807a89 46573774a2
commit c37b9125ec
1 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
cgroups/systemd/apply_systemd.go
View File

@ -128,14 +128,12 @@ func Apply(c *cgroups.Cgroup, pid int) (map[string]string, error) {
return nil, err
}
if !c.AllowAllDevices {
if err := joinDevices(c, pid); err != nil {
return nil, err
}
if err := joinDevices(c, pid); err != nil {
return nil, err
}
// -1 disables memorySwap
if c.MemorySwap >= 0 && (c.Memory != 0 || c.MemorySwap > 0) {
if c.MemorySwap >= 0 && c.Memory != 0 {
if err := joinMemory(c, pid); err != nil {
return nil, err
}
@ -272,14 +270,16 @@ func joinDevices(c *cgroups.Cgroup, pid int) error {
return err
}
if err := writeFile(path, "devices.deny", "a"); err != nil {
return err
}
for _, dev := range c.AllowedDevices {
if err := writeFile(path, "devices.allow", dev.GetCgroupAllowString()); err != nil {
if !c.AllowAllDevices {
if err := writeFile(path, "devices.deny", "a"); err != nil {
return err
}
for _, dev := range c.AllowedDevices {
if err := writeFile(path, "devices.allow", dev.GetCgroupAllowString()); err != nil {
return err
}
}
}
return nil