[systemd-devel] Dedicated cgroups for a user

Naoki Kawakami dolenin at parallels.com
Wed Sep 24 21:10:58 PDT 2014


Hello,

I am trying to find a way for a user to be assigned a dedicated cgroup 
under each of the controllers.

My default archlinux install give this:

$ cat /proc/self/cgroup
8:blkio:/
7:net_cls:/
6:freezer:/
5:devices:/user.slice
4:memory:/
3:cpu,cpuacct:/
2:cpuset:/
1:name=systemd:/user.slice/user-1000.slice/session-c1.scope


And I would like to achieve this when the user logs in:

8:blkio:/user.slice/user-1000.slice/session-c1.scope
7:net_cls:/user.slice/user-1000.slice/session-c1.scope
6:freezer:/user.slice/user-1000.slice/session-c1.scope
5:devices:/user.slice
4:memory:/user.slice/user-1000.slice/session-c1.scope
3:cpu,cpuacct:/user.slice/user-1000.slice/session-c1.scope
2:cpuset:/user.slice/user-1000.slice/session-c1.scope
1:name=systemd:/user.slice/user-1000.slice/session-c1.scope

and so that each group was owned by this UID 1000.
This is needed in order to run unprivileged containers under this user.

There is ubuntu hack called systemd-shim that seems to be doing just 
this, but I was wondering if it is possible to achieve the same with 
systemd configuration.


Thank you
NK


More information about the systemd-devel mailing list