03e585985f
In some cases, /sys/fs/cgroups is mounted read-only. In rootless containers we can consider this effectively identical to having cgroups that we don't have write permission to -- because the user isn't responsible for the read-only setup and cannot modify it. The rules are identical to when /sys/fs/cgroups is not writable by the unprivileged user. An example of this is the default configuration of Docker, where cgroups are mounted as read-only as a preventative security measure. Reported-by: Vladimir Rutsky <rutsky@google.com> Signed-off-by: Aleksa Sarai <asarai@suse.de> |
||
|---|---|---|
| .. | ||
| fs | ||
| systemd | ||
| cgroups.go | ||
| cgroups_test.go | ||
| cgroups_unsupported.go | ||
| stats.go | ||
| utils.go | ||
| utils_test.go | ||