[systemd-devel] Is it possible to change the cgroup uid/gid for a systemd slice?
Lennart Poettering
lennart at poettering.net
Thu Aug 31 09:21:32 UTC 2023
On Mi, 30.08.23 23:08, Julio Lajara (julio.lajara at protonmail.com) wrote:
> Hi all, I have created a systemd slice to constrain CPU/mem
> resources for a service unit. The service unit runs as root (its a
> bash script) and it runs a subprocess using systemd-run that it also
> runs under the same slice but a different unprivileged user. The
> subprocess needs to read the cgroup memory data directly from the
> sysfs tree but it cant because its owned by root.
sysfs tree? You mean cgroupfs tree?
But the memory attributes are world readable, so no need to chown.
> Is there way I can change the permissions on it in the slice similar
> to how cgcreate has the -a option to set the uid/gid for the cgroup?
There's not. chowing of cgroups is pretty much about the ability to
change them or create subgroups in them, but we do not allow either to
client programs for slices.
Lennart
--
Lennart Poettering, Berlin
More information about the systemd-devel
mailing list