Last active
March 1, 2016 01:54
-
-
Save 0xquad/d59d9e4446a6e56277d9 to your computer and use it in GitHub Desktop.
Script to allow the creation of user cgroups at login when no systemd is present
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# | |
# Simple script that uses the cgmanager client to create cgroups upon login | |
# for normal users so that they can use unprivileged LXC containers during | |
# their session. Meant to be executed at login time with a password-less | |
# sudo command like this: | |
# | |
# sudo /usr/local/bin/cg.sh create $$ | |
# | |
# To be used on systems without systemd. | |
# | |
# Put the following in /etc/sudoers.d/cgm and make sure users are part of the | |
# "users" group: | |
# | |
# Cmnd_Alias CGMANAGER = /usr/local/bin/cg.sh create *, \ | |
# /usr/local/bin/cg.sh remove *, \ | |
# /usr/local/bin/cg.sh remove | |
# %users ALL=(root) NOPASSWD:CGMANAGER | |
# | |
# Copyright (c) 2015, Alexandre Hamelin <alexandre.hamelin gmail.com> | |
action=$1 | |
pid=$2 | |
[[ -z "$SUDO_USER" ]] && exit 1 | |
cg=$SUDO_USER | |
case $action in | |
create) | |
[[ -z "$pid" ]] && exit 1 | |
cgm create all $cg &>/dev/null | |
cgm chown all $cg $(id -u $SUDO_USER) $(id -g $SUDO_USER) | |
cgm movepid all $cg $pid | |
;; | |
remove) | |
[[ -n "$pid" ]] && { | |
# Move the process back into the root cgroup. | |
# Assume this location for the cgroup_root mount point. | |
mnt=$(mount | awk '$1 == "cgroup_root" {print $3}') | |
cd "$mnt" | |
for ctrl in *; do | |
echo $pid > $ctrl/tasks | |
done | |
} | |
cgm remove all $cg | |
esac |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment