Date: Thu, 15 Nov 2012 16:30:43 +0100
From: Michal Hocko <mhocko@suse.cz>
To: Ulrich Windl <Ulrich.Windl@rz.uni-regensburg.de>
Cc: linux-kernel@vger.kernel.org
Subject: Re: Q: using cgroups in real life
Message-ID: <20121115153043.GA24131@dhcp22.suse.cz>
References: <50A3B0A6020000A10000D757@gwsmtp1.uni-regensburg.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <50A3B0A6020000A10000D757@gwsmtp1.uni-regensburg.de>
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1243
Lines: 36

On Wed 14-11-12 14:54:30, Ulrich Windl wrote:
> Hi!
> 
> I have a question on cgroups (as of Linux 3.0):
> The concept is to mount a filesystem, and configure cgroups through
> it. This implies that all the files belong to root (or maybe some
> other fixed user).

Have a look at libcgroup package - cgconfig in particular.

> AFAIK, you can chmod() and chown() files, but these bits are only kept
> in the i-node cache, so they may change at any time.

Not true they will live with the files

> I think this is bad, because if you want to allow users to limit
> (maybe memory usage) by using some predefined cgroup, the user
> needs at least partial write access to that cgroup (to add the
> PID). Probably this also means the user could add any PID (even those
> processes not owned by him).

man cgconfig.conf

[...]

I would suggest asking this kind of questions at libcgroup
libcg-devel@lists.sourceforge.net mailing list as it is more focused on
the cgroups usage.
-- 
Michal Hocko
SUSE Labs
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/