]>
Commit | Line | Data |
---|---|---|
f477da93 JR |
1 | diff -ur libcgroup-0.37/doc/man/cgconfig.conf.5 libcgroup-0.37-mode/doc/man/cgconfig.conf.5 |
2 | --- libcgroup-0.37/doc/man/cgconfig.conf.5 2010-12-07 16:42:41.000000000 +0100 | |
3 | +++ libcgroup-0.37-mode/doc/man/cgconfig.conf.5 2011-02-09 19:11:47.076601002 +0100 | |
4 | @@ -111,12 +111,15 @@ | |
5 | .ft B | |
6 | uid = <task user>; | |
7 | gid = <task group>; | |
8 | +mode = <task mode>; | |
9 | .RE | |
10 | } | |
11 | admin { | |
12 | .RS | |
13 | uid = <admin name>; | |
14 | gid = <admin group>; | |
15 | +dmode = <admin directory mode>; | |
16 | +fmode = <admin files mode>; | |
17 | .RE | |
18 | } | |
19 | .RE | |
20 | @@ -133,10 +136,19 @@ | |
21 | file of the control group. I.e. this user and members of this | |
22 | group has write access to the file. | |
23 | .TP 17 | |
24 | +.B "task mode" | |
25 | +Permission mode of \fItasks\fR file of the control group. | |
26 | +The mode have to be set using octal numbers e.g. 640. | |
27 | +.TP 17 | |
28 | .B "admin user/group" | |
29 | Name of the user and the group, which owns the rest of control group's | |
30 | files. These users are allowed to set subsystem | |
31 | parameters and create subgroups. | |
32 | +.TP 17 | |
33 | +.B "admin dmode/fmode" | |
34 | +Permission mode of control group's directory (\fIdmode\fR) and files | |
35 | +(\fIfmode\fR). The mode have to be set using octal numbers e.g. 775 | |
36 | +for \fIdmode\fR and 664 for \fIfmode\fR. | |
37 | .LP | |
38 | Permissions are related only to enclosing control group and are not | |
39 | inherited by subgroups. If there is no | |
40 | diff -ur libcgroup-0.37/src/api.c libcgroup-0.37-mode/src/api.c | |
41 | --- libcgroup-0.37/src/api.c 2010-12-07 16:42:41.000000000 +0100 | |
42 | +++ libcgroup-0.37-mode/src/api.c 2011-02-09 18:57:25.455591513 +0100 | |
43 | @@ -1409,6 +1409,10 @@ | |
643b509a JR |
44 | cgroup_dbg("Changing ownership of %s\n", fts_path[0]); |
45 | error = cg_chown_recursive(fts_path, | |
46 | cgroup->control_uid, cgroup->control_gid); | |
47 | + if (!error) | |
f477da93 JR |
48 | + error = cg_chmod_recursive(cgroup, |
49 | + cgroup->control_dmode, cgroup->control_dmode, | |
50 | + cgroup->control_fmode, cgroup->control_fmode); | |
643b509a JR |
51 | } |
52 | ||
53 | if (error) | |
f477da93 JR |
54 | @@ -1458,6 +1462,13 @@ |
55 | if (error) { | |
56 | last_errno = errno; | |
57 | error = ECGOTHER; | |
58 | + goto err; | |
59 | + } | |
60 | + if (cgroup->tasks_mode != 0) | |
61 | + error = chmod(path, cgroup->tasks_mode); | |
62 | + if (error) { | |
63 | + last_errno = errno; | |
64 | + error = ECGOTHER; | |
65 | goto err; | |
66 | } | |
67 | } | |
68 | diff -ur libcgroup-0.37/src/config.c libcgroup-0.37-mode/src/config.c | |
69 | --- libcgroup-0.37/src/config.c 2010-12-07 16:42:41.000000000 +0100 | |
70 | +++ libcgroup-0.37-mode/src/config.c 2011-02-09 18:59:15.330591502 +0100 | |
71 | @@ -226,6 +226,29 @@ | |
72 | } | |
73 | config_cgroup->tasks_gid = val; | |
74 | } | |
75 | + if (!strcmp(perm_type, "mode")) { | |
76 | + /* allowed mode strings are octal version: "755" */ | |
77 | + mode_t mode = 0; | |
78 | + int pos = 0; /* position of the number iin string */ | |
79 | + int i; | |
80 | + int j = 64; | |
81 | + | |
82 | + while (pos < 3) { | |
83 | + if (value[pos] < '0' || value[pos] >= '8') | |
84 | + goto group_task_error; | |
85 | + i = (int)value[pos] - (int)'0'; | |
86 | + /* parse the permission triple*/ | |
87 | + mode = mode + i*j; | |
88 | + j = j / 8; | |
89 | + pos++; | |
90 | + } | |
91 | + | |
92 | + /* the string have to contain three characters */ | |
93 | + if (value[pos] != '\0') | |
94 | + goto group_task_error; | |
95 | + | |
96 | + config_cgroup->tasks_mode = mode; | |
97 | + } | |
98 | ||
99 | free(perm_type); | |
100 | free(value); | |
101 | @@ -292,6 +315,52 @@ | |
102 | } | |
103 | config_cgroup->control_gid = val; | |
104 | } | |
105 | + if (!strcmp(perm_type, "dmode")) { | |
106 | + /* allowed mode strings are octal version: "755" */ | |
107 | + mode_t mode = 0; | |
108 | + int pos = 0; /* position of the number iin string */ | |
109 | + int i; | |
110 | + int j = 64; | |
111 | + | |
112 | + while (pos < 3) { | |
113 | + if (value[pos] < '0' || value[pos] >= '8') | |
114 | + goto admin_error; | |
115 | + i = (int)value[pos] - (int)'0'; | |
116 | + /* parse the permission triple*/ | |
117 | + mode = mode + i*j; | |
118 | + j = j / 8; | |
119 | + pos++; | |
120 | + } | |
121 | + | |
122 | + /* the string have to contain three characters */ | |
123 | + if (value[pos] != '\0') | |
124 | + goto admin_error; | |
125 | + | |
126 | + config_cgroup->control_dmode = mode; | |
127 | + } | |
128 | + if (!strcmp(perm_type, "fmode")) { | |
129 | + /* allowed mode strings are octal version: "755" */ | |
130 | + mode_t mode = 0; | |
131 | + int pos = 0; /* position of the number iin string */ | |
132 | + int i; | |
133 | + int j = 64; | |
134 | + | |
135 | + while (pos < 3) { | |
136 | + if (value[pos] < '0' || value[pos] >= '8') | |
137 | + goto admin_error; | |
138 | + i = (int)value[pos] - (int)'0'; | |
139 | + /* parse the permission triple*/ | |
140 | + mode = mode + i*j; | |
141 | + j = j / 8; | |
142 | + pos++; | |
143 | + } | |
144 | + | |
145 | + /* the string have to contain three characters */ | |
146 | + if (value[pos] != '\0') | |
147 | + goto admin_error; | |
148 | + | |
149 | + config_cgroup->control_fmode = mode; | |
150 | + } | |
151 | ||
152 | free(perm_type); | |
153 | free(value); | |
154 | diff -ur libcgroup-0.37/src/libcgroup-internal.h libcgroup-0.37-mode/src/libcgroup-internal.h | |
155 | --- libcgroup-0.37/src/libcgroup-internal.h 2010-10-20 15:59:13.000000000 +0200 | |
156 | +++ libcgroup-0.37-mode/src/libcgroup-internal.h 2011-02-09 19:14:13.803601030 +0100 | |
157 | @@ -84,8 +84,11 @@ | |
158 | int index; | |
159 | uid_t tasks_uid; | |
160 | gid_t tasks_gid; | |
161 | + mode_t tasks_mode; | |
162 | uid_t control_uid; | |
163 | gid_t control_gid; | |
164 | + mode_t control_dmode; | |
165 | + mode_t control_fmode; | |
166 | }; | |
167 | ||
168 |