search

troglobit / finit

Fast init for Linux. Cookies included
https://troglobit.com/projects/finit/
MIT License
621 stars 61 forks source link

cgroup move pid failed in 4.4 #361

Closed w41l closed 11 months ago

w41l commented 12 months ago

Since version 4.4 finit can not move process to /system/process. The process cgroup is still in CGROUP/init root:

root:~# finit -v
Finit 4.4
Bug report address: https://github.com/troglobit/finit/issues
Project homepage: https://troglobit.com/projects/finit/
root:~# initctl status redis-server
     Status : running
   Identity : redis-server
Description : Redis database server
     Origin : /etc/finit.d/enabled/redis.conf
Condition(s): <+net/lo/up>
    Command : /usr/bin/redis-server /etc/redis/redis.conf
   PID file : /run/redis.pid
        PID : 12066
       User : redis
      Group : redis
     Uptime : 11 sec
   Restarts : 0 (0/10)
  Runlevels : [----345----]
     Memory : 433.8M
     CGroup : /init cpu 0-7 [100, max] mem [0, max]
              ├─ 1 init
              ├─ 560 keventd
              ├─ 1302 freshclam -d -F --quiet -p /run/clamav/freshclam.pid
              └─ 12066 redis-server

Jul  7 09:33:03 gm15 finit[12066]: cgroup_leaf_init():Failed moving pid 12066 to group /sys/fs/cgroup/system/redis: Permission denied

This problem did not happened in version 4.3:

root:~# finit -v
Finit 4.3
Bug report address: https://github.com/troglobit/finit/issues
Project homepage: https://troglobit.com/projects/finit/
root:~# initctl status redis-server
     Status : running
   Identity : redis-server
Description : Redis database server
     Origin : /etc/finit.d/redis.conf
Environment :
Condition(s): <+net/lo/up>
    Command : /usr/bin/redis-server /etc/redis/redis.conf
   PID file : /run/redis.pid
        PID : 835
       User : redis
      Group : redis
     Uptime : 30 day 16 hour 11 min 19 sec
   Restarts : 0 (0/10)
  Runlevels : [--2345----]
     Memory : 7.9M
     CGroup : /system/redis cpu 0-3 [100, max] mem [0, max]
              └─ 835 redis-server

Finit 4.4 can move cgroup resources if the process, say redis or memcached, was started using root user.

troglobit commented 12 months ago

Interesting. Thank you for reporting this, I'll have a look at it over the weekend!

troglobit commented 11 months ago

Confirmed. Regression introduced in a refactor when we added support for pre:/post:/ready: scripts. The fix will ensure we also run these scripts in the correct cgroup.