1 |
commit: 3de6395ae3b8780ab501f3cf8688e1cb2a9f0243 |
2 |
Author: William Hubbs <w.d.hubbs <AT> gmail <DOT> com> |
3 |
AuthorDate: Tue Nov 28 23:14:33 2017 +0000 |
4 |
Commit: William Hubbs <williamh <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Nov 28 23:14:33 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/openrc.git/commit/?id=3de6395a |
7 |
|
8 |
split cgroups mounting out of sysfs |
9 |
|
10 |
This is neceessary to allow cgroups to be mounted in an lxc/lxd |
11 |
container. |
12 |
|
13 |
Fixes https://github.com/openrc/openrc/issues/187 |
14 |
|
15 |
NEWS.md | 17 +++++++ |
16 |
init.d/.gitignore | 1 + |
17 |
init.d/Makefile | 7 +-- |
18 |
init.d/cgroups.in | 147 +++++++++++++++++++++++++++++++++++++++++++++++++++++ |
19 |
init.d/sysfs.in | 112 ---------------------------------------- |
20 |
runlevels/Makefile | 2 +- |
21 |
6 files changed, 170 insertions(+), 116 deletions(-) |
22 |
|
23 |
diff --git a/NEWS.md b/NEWS.md |
24 |
index 9982e9bd..70a6b4db 100644 |
25 |
--- a/NEWS.md |
26 |
+++ b/NEWS.md |
27 |
@@ -5,6 +5,23 @@ the information in this file is in reverse order. |
28 |
|
29 |
## OpenRC 0.35 |
30 |
|
31 |
+In this version, the cgroups mounting logic has been moved from the |
32 |
+sysfs service to the cgroups service. This was done so cgroups can be |
33 |
+mounted inside an lxc/lxd container without using the other parts of the |
34 |
+sysfs service. |
35 |
+ |
36 |
+?As a result of this change, if you are upgrading, you need to add |
37 |
+cgroups to your sysinit runlevel by running the following command as |
38 |
+root: |
39 |
+ |
40 |
+``` |
41 |
+# rc-update add cgroups sysinit |
42 |
+``` |
43 |
+ |
44 |
+For more information, see the following issue: |
45 |
+ |
46 |
+https://github.com/openrc/openrc/issues/187 |
47 |
+ |
48 |
Consider this your second notification with regard to /etc/mtab being a |
49 |
file instead of a symbolic link. |
50 |
|
51 |
|
52 |
diff --git a/init.d/.gitignore b/init.d/.gitignore |
53 |
index 95ad4aad..90abdbbe 100644 |
54 |
--- a/init.d/.gitignore |
55 |
+++ b/init.d/.gitignore |
56 |
@@ -1,5 +1,6 @@ |
57 |
agetty |
58 |
binfmt |
59 |
+cgroups |
60 |
modules-load |
61 |
bootmisc |
62 |
fsck |
63 |
|
64 |
diff --git a/init.d/Makefile b/init.d/Makefile |
65 |
index c6cdbd97..9c97e1ed 100644 |
66 |
--- a/init.d/Makefile |
67 |
+++ b/init.d/Makefile |
68 |
@@ -21,9 +21,10 @@ SRCS-FreeBSD= hostid.in modules.in moused.in newsyslog.in pf.in rarpd.in \ |
69 |
SRCS-FreeBSD+= adjkerntz.in devd.in dumpon.in encswap.in ipfw.in \ |
70 |
modules-load.in mixer.in nscd.in powerd.in syscons.in |
71 |
|
72 |
-SRCS-Linux= agetty.in binfmt.in devfs.in dmesg.in hwclock.in consolefont.in \ |
73 |
- keymaps.in killprocs.in modules.in modules-load.in mount-ro.in mtab.in \ |
74 |
- numlock.in procfs.in net-online.in sysfs.in termencoding.in |
75 |
+SRCS-Linux= agetty.in binfmt.in devfs.in cgroups.in dmesg.in hwclock.in \ |
76 |
+ consolefont.in keymaps.in killprocs.in modules.in modules-load.in \ |
77 |
+ mount-ro.in mtab.in numlock.in procfs.in net-online.in sysfs.in \ |
78 |
+termencoding.in |
79 |
|
80 |
# Generic BSD scripts |
81 |
SRCS-NetBSD= hostid.in moused.in newsyslog.in pf.in rarpd.in rc-enabled.in \ |
82 |
|
83 |
diff --git a/init.d/cgroups.in b/init.d/cgroups.in |
84 |
new file mode 100644 |
85 |
index 00000000..fe21904c |
86 |
--- /dev/null |
87 |
+++ b/init.d/cgroups.in |
88 |
@@ -0,0 +1,147 @@ |
89 |
+#!@SBINDIR@/openrc-run |
90 |
+# Copyright (c) 2017 The OpenRC Authors. |
91 |
+# See the Authors file at the top-level directory of this distribution and |
92 |
+# https://github.com/OpenRC/openrc/blob/master/AUTHORS |
93 |
+# |
94 |
+# This file is part of OpenRC. It is subject to the license terms in |
95 |
+# the LICENSE file found in the top-level directory of this |
96 |
+# distribution and at https://github.com/OpenRC/openrc/blob/master/LICENSE |
97 |
+# This file may not be copied, modified, propagated, or distributed |
98 |
+# except according to the terms contained in the LICENSE file. |
99 |
+ |
100 |
+description="Mount the control groups." |
101 |
+ |
102 |
+cgroup_opts=nodev,noexec,nosuid |
103 |
+ |
104 |
+depend() |
105 |
+{ |
106 |
+ keyword -docker -prefix -systemd-nspawn -vserver |
107 |
+ after sysfs |
108 |
+} |
109 |
+ |
110 |
+cgroup1_base() |
111 |
+{ |
112 |
+ grep -qw cgroup /proc/filesystems || return 0 |
113 |
+ if ! mountinfo -q /sys/fs/cgroup; then |
114 |
+ ebegin "Mounting cgroup filesystem" |
115 |
+ local opts="${cgroup_opts},mode=755,size=${rc_cgroupsize:-10m}" |
116 |
+ mount -n -t tmpfs -o "${opts}" cgroup_root /sys/fs/cgroup |
117 |
+ eend $? |
118 |
+ fi |
119 |
+ |
120 |
+ if ! mountinfo -q /sys/fs/cgroup/openrc; then |
121 |
+ local agent="${RC_LIBEXECDIR}/sh/cgroup-release-agent.sh" |
122 |
+ mkdir /sys/fs/cgroup/openrc |
123 |
+ mount -n -t cgroup \ |
124 |
+ -o none,${cgroup_opts},name=openrc,release_agent="$agent" \ |
125 |
+ openrc /sys/fs/cgroup/openrc |
126 |
+ printf 1 > /sys/fs/cgroup/openrc/notify_on_release |
127 |
+ fi |
128 |
+ return 0 |
129 |
+} |
130 |
+ |
131 |
+cgroup1_controllers() |
132 |
+{ |
133 |
+ yesno "${rc_controller_cgroups:-YES}" && [ -e /proc/cgroups ] || return 0 |
134 |
+ while read -r name _ _ enabled _; do |
135 |
+ case "${enabled}" in |
136 |
+ 1) mountinfo -q "/sys/fs/cgroup/${name}" && continue |
137 |
+ local x |
138 |
+ for x in $rc_cgroup_controllers; do |
139 |
+ [ "${name}" = "blkio" ] && [ "${x}" = "io" ] && |
140 |
+ continue 2 |
141 |
+ [ "${name}" = "${x}" ] && |
142 |
+ continue 2 |
143 |
+ done |
144 |
+ mkdir "/sys/fs/cgroup/${name}" |
145 |
+ mount -n -t cgroup -o "${cgroup_opts},${name}" \ |
146 |
+ "${name}" "/sys/fs/cgroup/${name}" |
147 |
+ ;; |
148 |
+ esac |
149 |
+ done < /proc/cgroups |
150 |
+ return 0 |
151 |
+} |
152 |
+ |
153 |
+cgroup2_base() |
154 |
+{ |
155 |
+ local base |
156 |
+ base="$(cgroup2_find_path)" |
157 |
+ mkdir -p "${base}" |
158 |
+ mount -t cgroup2 none -o "${cgroup_opts},nsdelegate" "${base}" 2> /dev/null || |
159 |
+ mount -t cgroup2 none -o "${cgroup_opts}" "${base}" |
160 |
+ return 0 |
161 |
+} |
162 |
+ |
163 |
+cgroup2_controllers() |
164 |
+{ |
165 |
+ local active cgroup_path x y |
166 |
+ cgroup_path="$(cgroup2_find_path)" |
167 |
+ [ -z "${cgroup_path}" ] && return 0 |
168 |
+ [ -e "${cgroup_path}/cgroup.controllers" ] && |
169 |
+ read -r active < "${cgroup_path}/cgroup.controllers" |
170 |
+ for x in ${rc_cgroup_controllers}; do |
171 |
+ for y in ${active}; do |
172 |
+ [ "$x" = "$y" ] && |
173 |
+ [ -e "${cgroup_path}/cgroup.subtree_control" ]&& |
174 |
+ echo "+${x}" > "${cgroup_path}/cgroup.subtree_control" |
175 |
+ done |
176 |
+ done |
177 |
+ return 0 |
178 |
+} |
179 |
+ |
180 |
+cgroups_hybrid() |
181 |
+{ |
182 |
+ grep -qw cgroup /proc/filesystems || return 0 |
183 |
+ cgroup1_base |
184 |
+ if grep -qw cgroup2 /proc/filesystems; then |
185 |
+ cgroup2_base |
186 |
+ cgroup2_controllers |
187 |
+ fi |
188 |
+ cgroup1_controllers |
189 |
+ return 0 |
190 |
+} |
191 |
+ |
192 |
+cgroups_legacy() |
193 |
+{ |
194 |
+ grep -qw cgroup /proc/filesystems || return 0 |
195 |
+ cgroup1_base |
196 |
+ cgroup1_controllers |
197 |
+ return 0 |
198 |
+} |
199 |
+ |
200 |
+cgroups_unified() |
201 |
+{ |
202 |
+ cgroup2_base |
203 |
+ cgroup2_controllers |
204 |
+ return 0 |
205 |
+} |
206 |
+ |
207 |
+mount_cgroups() |
208 |
+{ |
209 |
+ case "${rc_cgroup_mode:-hybrid}" in |
210 |
+ hybrid) cgroups_hybrid ;; |
211 |
+ legacy) cgroups_legacy ;; |
212 |
+ unified) cgroups_unified ;; |
213 |
+ esac |
214 |
+ return 0 |
215 |
+} |
216 |
+ |
217 |
+restorecon_cgroups() |
218 |
+{ |
219 |
+ if [ -x /sbin/restorecon ]; then |
220 |
+ ebegin "Restoring SELinux contexts in /sys/fs/cgroup" |
221 |
+ restorecon -rF /sys/fs/cgroup >/dev/null 2>&1 |
222 |
+ eend $? |
223 |
+ fi |
224 |
+ return 0 |
225 |
+} |
226 |
+ |
227 |
+start() |
228 |
+{ |
229 |
+ # set up kernel support for cgroups |
230 |
+ if [ -d /sys/fs/cgroup ]; then |
231 |
+ mount_cgroups |
232 |
+ restorecon_cgroups |
233 |
+ fi |
234 |
+ return 0 |
235 |
+} |
236 |
|
237 |
diff --git a/init.d/sysfs.in b/init.d/sysfs.in |
238 |
index 892528ca..f0d02e5c 100644 |
239 |
--- a/init.d/sysfs.in |
240 |
+++ b/init.d/sysfs.in |
241 |
@@ -107,122 +107,11 @@ mount_misc() |
242 |
fi |
243 |
} |
244 |
|
245 |
-cgroup1_base() |
246 |
-{ |
247 |
- grep -qw cgroup /proc/filesystems || return 0 |
248 |
- if ! mountinfo -q /sys/fs/cgroup; then |
249 |
- ebegin "Mounting cgroup filesystem" |
250 |
- local opts="${sysfs_opts},mode=755,size=${rc_cgroupsize:-10m}" |
251 |
- mount -n -t tmpfs -o "${opts}" cgroup_root /sys/fs/cgroup |
252 |
- eend $? |
253 |
- fi |
254 |
- |
255 |
- if ! mountinfo -q /sys/fs/cgroup/openrc; then |
256 |
- local agent="${RC_LIBEXECDIR}/sh/cgroup-release-agent.sh" |
257 |
- mkdir /sys/fs/cgroup/openrc |
258 |
- mount -n -t cgroup \ |
259 |
- -o none,${sysfs_opts},name=openrc,release_agent="$agent" \ |
260 |
- openrc /sys/fs/cgroup/openrc |
261 |
- printf 1 > /sys/fs/cgroup/openrc/notify_on_release |
262 |
- fi |
263 |
- return 0 |
264 |
-} |
265 |
- |
266 |
-cgroup1_controllers() |
267 |
-{ |
268 |
- yesno "${rc_controller_cgroups:-YES}" && [ -e /proc/cgroups ] || return 0 |
269 |
- while read -r name _ _ enabled rest; do |
270 |
- case "${enabled}" in |
271 |
- 1) mountinfo -q "/sys/fs/cgroup/${name}" && continue |
272 |
- local x |
273 |
- for x in $rc_cgroup_controllers; do |
274 |
- [ "${name}" = "blkio" ] && [ "${x}" = "io" ] && |
275 |
- continue 2 |
276 |
- [ "${name}" = "${x}" ] && |
277 |
- continue 2 |
278 |
- done |
279 |
- mkdir "/sys/fs/cgroup/${name}" |
280 |
- mount -n -t cgroup -o "${sysfs_opts},${name}" \ |
281 |
- "${name}" "/sys/fs/cgroup/${name}" |
282 |
- ;; |
283 |
- esac |
284 |
- done < /proc/cgroups |
285 |
- return 0 |
286 |
-} |
287 |
- |
288 |
-cgroup2_base() |
289 |
-{ |
290 |
- local base |
291 |
- base="$(cgroup2_find_path)" |
292 |
- mkdir -p "${base}" |
293 |
- mount -t cgroup2 none -o "${sysfs_opts},nsdelegate" "${base}" 2> /dev/null || |
294 |
- mount -t cgroup2 none -o "${sysfs_opts}" "${base}" |
295 |
- return 0 |
296 |
-} |
297 |
- |
298 |
-cgroup2_controllers() |
299 |
-{ |
300 |
- local active cgroup_path x y |
301 |
- cgroup_path="$(cgroup2_find_path)" |
302 |
- [ -z "${cgroup_path}" ] && return 0 |
303 |
- [ -e "${cgroup_path}/cgroup.controllers" ] && |
304 |
- read -r active < "${cgroup_path}/cgroup.controllers" |
305 |
- for x in ${rc_cgroup_controllers}; do |
306 |
- for y in ${active}; do |
307 |
- [ "$x" = "$y" ] && |
308 |
- [ -e "${cgroup_path}/cgroup.subtree_control" ]&& |
309 |
- echo "+${x}" > "${cgroup_path}/cgroup.subtree_control" |
310 |
- done |
311 |
- done |
312 |
- return 0 |
313 |
-} |
314 |
- |
315 |
-cgroups_hybrid() |
316 |
-{ |
317 |
- grep -qw cgroup /proc/filesystems || return 0 |
318 |
- cgroup1_base |
319 |
- if grep -qw cgroup2 /proc/filesystems; then |
320 |
- cgroup2_base |
321 |
- cgroup2_controllers |
322 |
- fi |
323 |
- cgroup1_controllers |
324 |
- return 0 |
325 |
-} |
326 |
- |
327 |
-cgroups_legacy() |
328 |
-{ |
329 |
- grep -qw cgroup /proc/filesystems || return 0 |
330 |
- cgroup1_base |
331 |
- cgroup1_controllers |
332 |
- return 0 |
333 |
-} |
334 |
- |
335 |
-cgroups_unified() |
336 |
-{ |
337 |
- cgroup2_base |
338 |
- cgroup2_controllers |
339 |
- return 0 |
340 |
-} |
341 |
- |
342 |
-mount_cgroups() |
343 |
-{ |
344 |
- # set up kernel support for cgroups |
345 |
- if [ -d /sys/fs/cgroup ]; then |
346 |
- case "${rc_cgroup_mode:-hybrid}" in |
347 |
- hybrid) cgroups_hybrid ;; |
348 |
- legacy) cgroups_legacy ;; |
349 |
- unified) cgroups_unified ;; |
350 |
- esac |
351 |
- fi |
352 |
- return 0 |
353 |
-} |
354 |
- |
355 |
restorecon_sys() |
356 |
{ |
357 |
if [ -x /sbin/restorecon ]; then |
358 |
ebegin "Restoring SELinux contexts in /sys" |
359 |
restorecon -F /sys/devices/system/cpu/online >/dev/null 2>&1 |
360 |
- restorecon -rF /sys/fs/cgroup >/dev/null 2>&1 |
361 |
eend $? |
362 |
fi |
363 |
} |
364 |
@@ -231,7 +120,6 @@ start() |
365 |
{ |
366 |
mount_sys |
367 |
mount_misc |
368 |
- mount_cgroups |
369 |
restorecon_sys |
370 |
return 0 |
371 |
} |
372 |
|
373 |
diff --git a/runlevels/Makefile b/runlevels/Makefile |
374 |
index 8007bdda..f000db0d 100644 |
375 |
--- a/runlevels/Makefile |
376 |
+++ b/runlevels/Makefile |
377 |
@@ -38,7 +38,7 @@ BOOT-FreeBSD+= adjkerntz dumpon syscons |
378 |
|
379 |
BOOT-Linux+= binfmt hwclock keymaps modules mtab procfs termencoding |
380 |
SHUTDOWN-Linux= killprocs mount-ro |
381 |
-SYSINIT-Linux= devfs dmesg sysfs |
382 |
+SYSINIT-Linux= devfs cgroups dmesg sysfs |
383 |
|
384 |
# Generic BSD stuff |
385 |
BOOT-NetBSD+= hostid newsyslog savecore syslogd |