summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-09-04 09:23:07 +0200
committerLennart Poettering <lennart@poettering.net>2015-09-04 09:23:07 +0200
commit19af675e99d32172b58f1c91c8281ba2efd5d863 (patch)
treeb29563299c0bf3a80efda288cf4dbdda5f578f3f
parentsd-login: rework error handling (diff)
downloadsystemd-19af675e99d32172b58f1c91c8281ba2efd5d863.tar.xz
systemd-19af675e99d32172b58f1c91c8281ba2efd5d863.zip
cgroups: delegation to unprivileged services is safe in the unified hierarchy
Delegation to unpriviliged processes is safe in the unified hierarchy, hence allow it. This has the benefit of permitting "systemd --user" instances to further partition their resources between user services.
Diffstat (limited to '')
-rw-r--r--src/core/cgroup.c13
1 files changed, 9 insertions, 4 deletions
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index 0a5a08aeba..9a025cf929 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -507,15 +507,20 @@ CGroupMask unit_get_own_mask(Unit *u) {
return 0;
/* If delegation is turned on, then turn on all cgroups,
- * unless the process we fork into it is known to drop
- * privileges anyway, and shouldn't get access to the
- * controllers anyway. */
+ * unless we are on the legacy hierarchy and the process we
+ * fork into it is known to drop privileges, and hence
+ * shouldn't get access to the controllers.
+ *
+ * Note that on the unified hierarchy it is safe to delegate
+ * controllers to unprivileged services. */
if (c->delegate) {
ExecContext *e;
e = unit_get_exec_context(u);
- if (!e || exec_context_maintains_privileges(e))
+ if (!e ||
+ exec_context_maintains_privileges(e) ||
+ cg_unified() > 0)
return _CGROUP_MASK_ALL;
}