mirror of
				https://github.com/containers/podman.git
				synced 2025-10-25 10:16:43 +08:00 
			
		
		
		
	 4878dff3e2
			
		
	
	4878dff3e2
	
	
	
		
			
			In case os.Open[File], os.Mkdir[All], ioutil.ReadFile and the like fails, the error message already contains the file name and the operation that fails, so there is no need to wrap the error with something like "open %s failed". While at it - replace a few places with os.Open, ioutil.ReadAll with ioutil.ReadFile. - replace errors.Wrapf with errors.Wrap for cases where there are no %-style arguments. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
		
			
				
	
	
		
			91 lines
		
	
	
		
			1.7 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			91 lines
		
	
	
		
			1.7 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| // +build linux
 | |
| 
 | |
| package cgroups
 | |
| 
 | |
| import (
 | |
| 	"bufio"
 | |
| 	"fmt"
 | |
| 	"os"
 | |
| 	"path/filepath"
 | |
| 	"strings"
 | |
| 	"sync"
 | |
| 	"syscall"
 | |
| 
 | |
| 	"github.com/pkg/errors"
 | |
| 	"golang.org/x/sys/unix"
 | |
| )
 | |
| 
 | |
| var (
 | |
| 	isUnifiedOnce sync.Once
 | |
| 	isUnified     bool
 | |
| 	isUnifiedErr  error
 | |
| )
 | |
| 
 | |
| // IsCgroup2UnifiedMode returns whether we are running in cgroup 2 cgroup2 mode.
 | |
| func IsCgroup2UnifiedMode() (bool, error) {
 | |
| 	isUnifiedOnce.Do(func() {
 | |
| 		var st syscall.Statfs_t
 | |
| 		if err := syscall.Statfs("/sys/fs/cgroup", &st); err != nil {
 | |
| 			isUnified, isUnifiedErr = false, err
 | |
| 		} else {
 | |
| 			isUnified, isUnifiedErr = st.Type == unix.CGROUP2_SUPER_MAGIC, nil
 | |
| 		}
 | |
| 	})
 | |
| 	return isUnified, isUnifiedErr
 | |
| }
 | |
| 
 | |
| // UserOwnsCurrentSystemdCgroup checks whether the current EUID owns the
 | |
| // current cgroup.
 | |
| func UserOwnsCurrentSystemdCgroup() (bool, error) {
 | |
| 	uid := os.Geteuid()
 | |
| 
 | |
| 	cgroup2, err := IsCgroup2UnifiedMode()
 | |
| 	if err != nil {
 | |
| 		return false, err
 | |
| 	}
 | |
| 
 | |
| 	f, err := os.Open("/proc/self/cgroup")
 | |
| 	if err != nil {
 | |
| 		return false, err
 | |
| 	}
 | |
| 	defer f.Close()
 | |
| 
 | |
| 	scanner := bufio.NewScanner(f)
 | |
| 	for scanner.Scan() {
 | |
| 		line := scanner.Text()
 | |
| 		parts := strings.SplitN(line, ":", 3)
 | |
| 
 | |
| 		if len(parts) < 3 {
 | |
| 			continue
 | |
| 		}
 | |
| 
 | |
| 		var cgroupPath string
 | |
| 
 | |
| 		if cgroup2 {
 | |
| 			cgroupPath = filepath.Join(cgroupRoot, parts[2])
 | |
| 		} else {
 | |
| 			if parts[1] != "name=systemd" {
 | |
| 				continue
 | |
| 			}
 | |
| 			cgroupPath = filepath.Join(cgroupRoot, "systemd", parts[2])
 | |
| 		}
 | |
| 
 | |
| 		st, err := os.Stat(cgroupPath)
 | |
| 		if err != nil {
 | |
| 			return false, err
 | |
| 		}
 | |
| 		s := st.Sys()
 | |
| 		if s == nil {
 | |
| 			return false, fmt.Errorf("error stat cgroup path %s", cgroupPath)
 | |
| 		}
 | |
| 
 | |
| 		if int(s.(*syscall.Stat_t).Uid) != uid {
 | |
| 			return false, nil
 | |
| 		}
 | |
| 	}
 | |
| 	if err := scanner.Err(); err != nil {
 | |
| 		return false, errors.Wrapf(err, "parsing file /proc/self/cgroup")
 | |
| 	}
 | |
| 	return true, nil
 | |
| }
 |