initProcessCgroupPath returns container init's cgroup path, as read from /proc/PID/cgroup. Only works for cgroup v2. Returns empty string if the path can not be obtained. This is used by runc exec in these cases: 1. On cgroup v2 + nesting + domain controllers, adding to initial cgroup may fail wit
()
| 303 | // 2. A container init process with no cgroupns and /sys/fs/cgroup rw access |
| 304 | // may move itself to any other cgroup, and the original cgroup will disappear. |
| 305 | func (p *setnsProcess) initProcessCgroupPath() string { |
| 306 | if p.initProcessPid == 0 || !cgroups.IsCgroup2UnifiedMode() { |
| 307 | return "" |
| 308 | } |
| 309 | |
| 310 | cg, err := cgroups.ParseCgroupFile("/proc/" + strconv.Itoa(p.initProcessPid) + "/cgroup") |
| 311 | if err != nil { |
| 312 | return "" |
| 313 | } |
| 314 | cgroup, ok := cg[""] |
| 315 | if !ok { |
| 316 | return "" |
| 317 | } |
| 318 | |
| 319 | return fs2.UnifiedMountpoint + cgroup |
| 320 | } |
| 321 | |
| 322 | func (p *setnsProcess) addIntoCgroupV2() error { |
| 323 | sub := p.process.SubCgroupPaths[""] |
no outgoing calls
no test coverage detected