Re: [RFC v2 09/10] landlock: Handle cgroups

Hello,

On Fri, Aug 26, 2016 at 07:20:35AM -0700, Andy Lutomirski wrote:
> > This is simply the action of changing the owner of cgroup sysfs files to
> > allow an unprivileged user to handle them (cf. Documentation/cgroup-v2.txt)
> 
> As far as I can tell, Tejun and systemd both actively discourage doing
> this.  Maybe I misunderstand.  But in any event, the admin giving you

Please refer to "2-5. Delegation" of Documentation/cgroup-v2.txt.
Delegation on v1 is broken on both core and specific controller
behaviors and thus discouraged.  On v2, delegation should work just
fine.

I haven't looked in detail but in general I'm not too excited about
layering security mechanism on top of cgroup.  Maybe it makes some
sense when security domain coincides with resource domains but at any
rate please keep me in the loop.

Thanks.

-- 
tejun