mirror of
https://github.com/token2/snapd.git
synced 2026-03-13 11:15:47 -07:00
fb502af681
* interfaces/microstack-support: set controlsDeviceCgroup to true This will prevent us from generating any udev rules which in turn should entirely disable the enforcement of the device cgroup for processes in the snap. This is justified by the snap already managing cgroups of its containers and VM's with the Delegate=true setting in serviceSnippets. See also LP bug: https://bugs.launchpad.net/snapd/+bug/1892895 which is partially addressed by this commit, specifically for the microstack snap which uses the microstack-support interface. Signed-off-by: Ian Johnson <ian.johnson@canonical.com> * tests: add spread test for microstack cgroup delegation * tests/main/interfaces-microstack-support: use snap restart This fixes the test by making it fail on master without the change to use controlsDeviceCgroup, but passes in the branch enabling that for the interface. Signed-off-by: Ian Johnson <ian.johnson@canonical.com> * tests: fix microstack-support test for cgroup v2 * i/b/microstack_support: add comment about delegation * tests/microstack: make the service more verbose Making the service more verbose might help debugging; these lines will end up in journald. * interfaces/udev/spec.go: leave TODO about cgroup interaction w/ Delegate=true Signed-off-by: Ian Johnson <ian.johnson@canonical.com> Co-authored-by: Alberto Mardegan <alberto.mardegan@canonical.com>