Pam module seems to have an issue

[Noah McNallie <njm@xxxxxxx>]

Hi, I'm trying to use cgroups for cron and su and ssh login so I added 
the following in 'system-auth' which they all include gentoo:

session         required        pam_cgroup.so debug

My cgconfig.conf looks as follows:

#
#  Copyright IBM Corporation. 2007
#
#  Authors:     Balbir Singh <balbir@xxxxxxxxxxxxxxxxxx>
#  This program is free software; you can redistribute it and/or modify it
#  under the terms of version 2.1 of the GNU Lesser General Public License
#  as published by the Free Software Foundation.
#
#  This program is distributed in the hope that it would be useful, but
#  WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
mount {
    cpuset  = /sys/fs/cgroup/cpuset;
    cpu     = /sys/fs/cgroup/cpu;
    cpuacct = /sys/fs/cgroup/cpuacct;
    memory  = /sys/fs/cgroup/memory;
}

group users/alex {
         perm {
         task {
             uid = alex;
             gid = alex;
          } admin {
             uid = root;
             gid = root;
          }
        }
        cpu {
                cpu.shares = 100;
        }
        memory {
                memory.limit_in_bytes = 134217728;
        }
}

-- END --

And my cgrules.conf looks like this:

# /etc/cgrules.conf
#The format of this file is described in cgrules.conf(5)
#manual page.
#
# Example:
#<user>         <controllers>   <destination>
#@student       cpu,memory      usergroup/student/
#peter          cpu             test1/
#%              memory          test2/
# End of file
alex            cpu,memory      users/alex

-- END --

Now when I su to user alex I see this in /var/log/messages:

Jul  6 17:18:03 atlantic su[5583]: pam_cgroup(su:session): Changed 
cgroup for process 5583  with username alex.

-- END --

Except that pid is not in users/alex/tasks its in some task files 
related to openrc and it looks like the function 
cgroup_change_cgroup_uid_gid_flags is not doing a proper change:

[alex@xxxxxxxxxxxx][/sys/fs/cgroup]# ls
blkio  cpu  cpuacct  cpuset  memory  net_cls  openrc
[alex@xxxxxxxxxxxx][/sys/fs/cgroup]# find ./ -name tasks | xargs grep 5583
./net_cls/tasks:5583
./memory/tasks:5583
./blkio/tasks:5583
./cpuacct/tasks:5583
./cpu/openrc_sshd/tasks:5583
./cpuset/tasks:5583
./openrc/sshd/tasks:5583
[alex@xxxxxxxxxxxx][/sys/fs/cgroup]# cat memory/users/alex/tasks
[alex@xxxxxxxxxxxx][/sys/fs/cgroup]#

-- END --

Why is it not in users/alex what am I doing wrong?

Noah J. McNallie

--
To unsubscribe from this list: send the line "unsubscribe cgroups" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html