mirror of
https://github.com/k3s-io/k3s.git
synced 2026-04-15 14:29:44 -04:00
24 lines
675 B
Go
24 lines
675 B
Go
//go:build linux && cgo
|
|
|
|
package cmds
|
|
|
|
import (
|
|
"os"
|
|
|
|
"github.com/moby/sys/userns"
|
|
"github.com/pkg/errors"
|
|
"github.com/rootless-containers/rootlesskit/pkg/parent/cgrouputil"
|
|
)
|
|
|
|
// EvacuateCgroup2 will handle evacuating the root cgroup in order to enable subtree_control,
|
|
// if running as pid 1 without rootless support.
|
|
func EvacuateCgroup2() error {
|
|
if os.Getpid() == 1 && !userns.RunningInUserNS() {
|
|
// The root cgroup has to be empty to enable subtree_control, so evacuate it by placing
|
|
// ourselves in the init cgroup.
|
|
if err := cgrouputil.EvacuateCgroup2("init"); err != nil {
|
|
return errors.Wrap(err, "failed to evacuate root cgroup")
|
|
}
|
|
}
|
|
return nil
|
|
}
|