Skip to content

Instantly share code, notes, and snippets.

@volodymyrsmirnov
Created November 5, 2012 11:08
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save volodymyrsmirnov/4016674 to your computer and use it in GitHub Desktop.
Save volodymyrsmirnov/4016674 to your computer and use it in GitHub Desktop.
#!/bin/bash
CG_ROOT="/sys/fs/cgroup";
function cg_init {
mkdir -p $CG_ROOT;
mount -t tmpfs cgroot $CG_ROOT;
}
function cg_set {
SUBSYSTEM=$1;
PROCESS_GROUP=$2
PARAM_NAME=$3;
PARAM_VALUE=$4;
APPEND=$5
if [ ! -d "$CG_ROOT/$SUBSYSTEM" ]; then
mkdir -p "$CG_ROOT/$SUBSYSTEM";
mount -t cgroup -o $SUBSYSTEM $SUBSYSTEM "$CG_ROOT/$SUBSYSTEM";
fi
if [ ! -d "$CG_ROOT/$SUBSYSTEM/$PROCESS_GROUP" ]; then
mkdir -p "$CG_ROOT/$SUBSYSTEM/$PROCESS_GROUP";
fi
if [ $APPEND -eq 1 ]; then
echo $PARAM_VALUE >> "$CG_ROOT/$SUBSYSTEM/$PROCESS_GROUP/$PARAM_NAME";
else
echo $PARAM_VALUE > "$CG_ROOT/$SUBSYSTEM/$PROCESS_GROUP/$PARAM_NAME";
fi
}
function cg_clear {
for CGROUP_SUBSYSTEM in "cpuset" "cpuacct" "devices" "memory" "freezer"
do
umount "$CG_ROOT/$CGROUP_SUBSYSTEM" 2> /dev/null;
rm -rf "$CG_ROOT/$CGROUP_SUBSYSTEM";
done
umount $CG_ROOT;
}
cg_init;
# add current PID to tasks
cg_set "devices" "cgroup_test" "tasks" $$ 1;
# deny access to everything in /dev/
cg_set "devices" "cgroup_test" "devices.deny" "a" 0;
# this should return "no permission" error
touch /dev/random;
cg_clear;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment