Remove the SystemdCgroup feature
This commit is contained in:
parent
05d258667d
commit
6c6eff8ac4
4 changed files with 8 additions and 21 deletions
|
@ -495,9 +495,6 @@ void LocalDerivationGoal::startBuilder()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
useSystemdCgroup = parsedDrv->getRequiredSystemFeatures().count("Systemd-cgroup");
|
|
||||||
assert(!useSystemdCgroup);
|
|
||||||
|
|
||||||
if (useChroot) {
|
if (useChroot) {
|
||||||
|
|
||||||
/* Allow a user-configurable set of directories from the
|
/* Allow a user-configurable set of directories from the
|
||||||
|
@ -649,20 +646,18 @@ void LocalDerivationGoal::startBuilder()
|
||||||
dirsInChroot.erase(worker.store.printStorePath(*i.second.second));
|
dirsInChroot.erase(worker.store.printStorePath(*i.second.second));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (useSystemdCgroup) {
|
if (buildUser) {
|
||||||
settings.requireExperimentalFeature(Xp::SystemdCgroup);
|
if (auto cgroup = buildUser->getCgroup()) {
|
||||||
std::optional<Path> cgroup;
|
chownToBuilder(*cgroup);
|
||||||
if (!buildUser || !(cgroup = buildUser->getCgroup()))
|
chownToBuilder(*cgroup + "/cgroup.procs");
|
||||||
throw Error("feature 'systemd-cgroup' requires 'auto-allocate-uids = true' in nix.conf");
|
chownToBuilder(*cgroup + "/cgroup.threads");
|
||||||
chownToBuilder(*cgroup);
|
//chownToBuilder(*cgroup + "/cgroup.subtree_control");
|
||||||
chownToBuilder(*cgroup + "/cgroup.procs");
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#else
|
#else
|
||||||
if (parsedDrv->useUidRange())
|
if (parsedDrv->useUidRange())
|
||||||
throw Error("feature 'uid-range' is not supported on this platform");
|
throw Error("feature 'uid-range' is not supported on this platform");
|
||||||
if (useSystemdCgroup)
|
|
||||||
throw Error("feature 'systemd-cgroup' is not supported on this platform");
|
|
||||||
#if __APPLE__
|
#if __APPLE__
|
||||||
/* We don't really have any parent prep work to do (yet?)
|
/* We don't really have any parent prep work to do (yet?)
|
||||||
All work happens in the child, instead. */
|
All work happens in the child, instead. */
|
||||||
|
@ -673,8 +668,6 @@ void LocalDerivationGoal::startBuilder()
|
||||||
} else {
|
} else {
|
||||||
if (parsedDrv->useUidRange())
|
if (parsedDrv->useUidRange())
|
||||||
throw Error("feature 'uid-range' is only supported in sandboxed builds");
|
throw Error("feature 'uid-range' is only supported in sandboxed builds");
|
||||||
if (useSystemdCgroup)
|
|
||||||
throw Error("feature 'systemd-cgroup' is only supported in sandboxed builds");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (needsHashRewrite() && pathExists(homeDir))
|
if (needsHashRewrite() && pathExists(homeDir))
|
||||||
|
@ -1845,7 +1838,7 @@ void LocalDerivationGoal::runChild()
|
||||||
/* Unshare the cgroup namespace. This means
|
/* Unshare the cgroup namespace. This means
|
||||||
/proc/self/cgroup will show the child's cgroup as '/'
|
/proc/self/cgroup will show the child's cgroup as '/'
|
||||||
rather than whatever it is in the parent. */
|
rather than whatever it is in the parent. */
|
||||||
if (useSystemdCgroup && unshare(CLONE_NEWCGROUP) == -1)
|
if (buildUser && buildUser->getUIDCount() != 1 && unshare(CLONE_NEWCGROUP) == -1)
|
||||||
throw SysError("unsharing cgroup namespace");
|
throw SysError("unsharing cgroup namespace");
|
||||||
|
|
||||||
/* Do the chroot(). */
|
/* Do the chroot(). */
|
||||||
|
|
|
@ -41,10 +41,6 @@ struct LocalDerivationGoal : public DerivationGoal
|
||||||
|
|
||||||
Path chrootRootDir;
|
Path chrootRootDir;
|
||||||
|
|
||||||
/* Whether to make the 'systemd' cgroup controller available to
|
|
||||||
the build. */
|
|
||||||
bool useSystemdCgroup = false;
|
|
||||||
|
|
||||||
/* RAII object to delete the chroot directory. */
|
/* RAII object to delete the chroot directory. */
|
||||||
std::shared_ptr<AutoDelete> autoDelChroot;
|
std::shared_ptr<AutoDelete> autoDelChroot;
|
||||||
|
|
||||||
|
|
|
@ -15,7 +15,6 @@ std::map<ExperimentalFeature, std::string> stringifiedXpFeatures = {
|
||||||
{ Xp::FetchClosure, "fetch-closure" },
|
{ Xp::FetchClosure, "fetch-closure" },
|
||||||
{ Xp::ReplFlake, "repl-flake" },
|
{ Xp::ReplFlake, "repl-flake" },
|
||||||
{ Xp::AutoAllocateUids, "auto-allocate-uids" },
|
{ Xp::AutoAllocateUids, "auto-allocate-uids" },
|
||||||
{ Xp::SystemdCgroup, "systemd-cgroup" },
|
|
||||||
};
|
};
|
||||||
|
|
||||||
const std::optional<ExperimentalFeature> parseExperimentalFeature(const std::string_view & name)
|
const std::optional<ExperimentalFeature> parseExperimentalFeature(const std::string_view & name)
|
||||||
|
|
|
@ -24,7 +24,6 @@ enum struct ExperimentalFeature
|
||||||
FetchClosure,
|
FetchClosure,
|
||||||
ReplFlake,
|
ReplFlake,
|
||||||
AutoAllocateUids,
|
AutoAllocateUids,
|
||||||
SystemdCgroup,
|
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in a new issue