diff options
| author | Lennart Poettering <lennart@poettering.net> | 2023-04-21 18:22:35 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2023-04-27 12:18:32 +0200 |
| commit | a8b993dc11319292c54b301f3faffc4a05ab5ec1 (patch) | |
| tree | a5397671b291b436283716adee1ea3668c405714 /src/shared/bus-unit-util.c | |
| parent | cgroup: rework how we validate/escape cgroups (diff) | |
| download | systemd-a8b993dc11319292c54b301f3faffc4a05ab5ec1.tar.xz systemd-a8b993dc11319292c54b301f3faffc4a05ab5ec1.zip | |
core: add DelegateSubgroup= setting
This implements a minimal subset of #24961, but in a lot more
restrictive way: we only allow one level of subcgroup (as that's enough
to address the no-processes in inner cgroups rule), and does not change
anything about threaded cgroup logic or similar, or make any of this new
behaviour mandatory.
All this does is this: all non-control processes we invoke for a unit
we'll invoke in a subgroup by the specified name.
We'll later port all our current services that use cgroup delegation
over to this, i.e. user@.service, systemd-nspawn@.service and
systemd-udevd.service.
Diffstat (limited to 'src/shared/bus-unit-util.c')
| -rw-r--r-- | src/shared/bus-unit-util.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c index ebbd1f7f28..a321179609 100644 --- a/src/shared/bus-unit-util.c +++ b/src/shared/bus-unit-util.c @@ -461,7 +461,8 @@ static int bus_append_cgroup_property(sd_bus_message *m, const char *field, cons "ManagedOOMSwap", "ManagedOOMMemoryPressure", "ManagedOOMPreference", - "MemoryPressureWatch")) + "MemoryPressureWatch", + "DelegateSubgroup")) return bus_append_string(m, field, eq); if (STR_IN_SET(field, "ManagedOOMMemoryPressureLimit")) { |