diff options
Diffstat (limited to 'sd_login/notes.org')
-rw-r--r-- | sd_login/notes.org | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/sd_login/notes.org b/sd_login/notes.org index 0627142..38e866b 100644 --- a/sd_login/notes.org +++ b/sd_login/notes.org @@ -8,6 +8,54 @@ * requested metadata on object is missing → -ENODATA */ +The format of a systemd cgroup path is: + + /prefix.../slice/slice/slice/unit/extra... + +Where + - there may be 0 or more slices + - `prefix...` may be an arbitrary number/arrangement of path segments + - `extra...` may be an arbitrary number/arrangement of path segments + +If there is more than one slice in a path, then the rightmost slice is +the one that we mean when we say "the slice". + +We will refer to everything under `prefix...` as a "tree" (my term). +Because `prefix...` and `extra...` may be arbitrary, we can have +multiple of trees nested inside eachother. + +Because `prefix...` may be arbitrary, we need to know how to skip over +it; how to get to "our" tree. + +For the system cgroup tree, we do this by looking at the cgroup of PID +1 and then trimming a designated suffix from it to get back to the +root of the tree. + +For user cgroup trees, `prefix...` is a *unit* under the system cgroup +tree, where the unit matches either `user@UID.service` or +`session-SESSION.scope`. + +A container may nest its cgroup tree inside of a unit also. Because +the container will have its own PID namespace, it will have its own +PID 1, and be able to inspect the cgroup of PID 1, just as the host +system does. + + +| Thing | | | +|-----------+------------------------------------------------+-------| +| Cgroup | - | | +|-----------+------------------------------------------------+-------| +| Unit | | | +| Slice | (/$X.slice){0,} or "-.slice" | | +|-----------+------------------------------------------------+-------| +| UserUnit | SkipUserPrefix.GetUnit | | +| UserSlice | SkipUserPrefix.GetSlice | | +|-----------+------------------------------------------------+-------| +| Session | scanf("session-${SessionName}.scope") | Unit | +| Owner | scanf("user-${UserID}.slice") | Slice | +| Machine | readlink("/run/systemd/machines/unit:${Unit}") | Unit | + + * PID ** get_... *** session |