On Wed, Nov 18, 2020 at 01:48:56PM +0100, Pavel Hrdina wrote: > Using virtCgroupNewSelf() is not correct with cgroups v2 because the > the virt-host-validate process is executed from from the same cgroup > context as the terminal and usually not all controllers are enabled > by default. > > To do a proper check we need to use the root cgroup to see what > controllers are actually available. Libvirt or systemd ensures that > all controllers are available for VMs as well. > > This still doesn't solve the devices controller with cgroups v2 where > there is no controller as it was replaced by eBPF. Currently libvirt > tries to query eBPF programs which usually works only for root as > regular users will get permission denied for that operation. > > Fixes: https://gitlab.com/libvirt/libvirt/-/issues/94 > > Signed-off-by: Pavel Hrdina <phrdina@xxxxxxxxxx> > --- > src/libvirt_private.syms | 1 + > src/util/vircgroup.h | 4 ++++ > src/util/vircgrouppriv.h | 4 ---- > tools/virt-host-validate-common.c | 2 +- > 4 files changed, 6 insertions(+), 5 deletions(-) Unfortunately this broken mingw builds as virCgroupNew is missing a stub. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
