aboutsummaryrefslogtreecommitdiff
path: root/sh
diff options
context:
space:
mode:
authorWilliam Hubbs <w.d.hubbs@gmail.com>2016-09-14 11:08:48 -0500
committerWilliam Hubbs <w.d.hubbs@gmail.com>2016-09-14 12:34:42 -0500
commitc4d7e02abd7008b8e8ad16f62c2abbb60fab252b (patch)
tree78f4f562e706db6790c2aad5bd23881cd5f0e5e1 /sh
parenta4e0d675e13f07bf880da10a4d602983a556264d (diff)
Fix permission checks for cgroups
This is needed because containers may give read access to cgroups but not allow the settings to be changed.
Diffstat (limited to 'sh')
-rw-r--r--sh/rc-cgroup.sh.in10
1 files changed, 5 insertions, 5 deletions
diff --git a/sh/rc-cgroup.sh.in b/sh/rc-cgroup.sh.in
index 20b2c6ec..5987f966 100644
--- a/sh/rc-cgroup.sh.in
+++ b/sh/rc-cgroup.sh.in
@@ -53,7 +53,7 @@ cgroup_set_values()
while [ -n "$1" -a "$controller" != "cpuacct" ]; do
case "$1" in
$controller.*)
- if [ -n "$name" -a -f "$cgroup/$name" -a -n "$val" ]; then
+ if [ -n "$name" -a -w "$cgroup/$name" -a -n "$val" ]; then
veinfo "$RC_SVCNAME: Setting $cgroup/$name to $val"
printf "%s" "$val" > "$cgroup/$name"
fi
@@ -68,12 +68,12 @@ cgroup_set_values()
esac
shift
done
- if [ -n "$name" -a -f "$cgroup/$name" -a -n "$val" ]; then
+ if [ -n "$name" -a -w "$cgroup/$name" -a -n "$val" ]; then
veinfo "$RC_SVCNAME: Setting $cgroup/$name to $val"
printf "%s" "$val" > "$cgroup/$name"
fi
- if [ -f "$cgroup/tasks" ]; then
+ if [ -w "$cgroup/tasks" ]; then
veinfo "$RC_SVCNAME: adding to $cgroup/tasks"
printf "%d" 0 > "$cgroup/tasks"
fi
@@ -88,14 +88,14 @@ cgroup_add_service()
# cgroups. But may lead to a problems where that inheriting
# is needed.
for d in /sys/fs/cgroup/* ; do
- [ -f "${d}"/tasks ] && printf "%d" 0 > "${d}"/tasks
+ [ -w "${d}"/tasks ] && printf "%d" 0 > "${d}"/tasks
done
openrc_cgroup=/sys/fs/cgroup/openrc
if [ -d "$openrc_cgroup" ]; then
cgroup="$openrc_cgroup/$RC_SVCNAME"
mkdir -p "$cgroup"
- [ -f "$cgroup/tasks" ] && printf "%d" 0 > "$cgroup/tasks"
+ [ -w "$cgroup/tasks" ] && printf "%d" 0 > "$cgroup/tasks"
fi
}