by cyphar 3281 days ago
> A control group on the machine in front of me tells me that you are wrong about two more things.

But the problem is that the slices you showed are given to you by systemd. If systemd didn't want to give them to you for whatever reason, you couldn't use cgroups.

And you've not responded to any other part of my comments that relate to how the design of cgroupv2 is clearly geared towards management processes controlling subtrees as opposed to programs controlling themselves (the key point being that the root tree has to be controlled by someone).

> Unprivileged subtree delegation exists

But it requires a privileged user to "allow" it, making it less useful in most cases because it has to be automated (allowing for possible exploits) or done manually (not useful).

> Tejun Heo is interested in subtree delegation to unprivileged users

That's very odd, and is not the impression I got after discussing these issues with him last year. In particular I proposed something like his "nsdelegate" patch in early 2016 so it's nice to see that he's come around on that topic. But if he's changed his mind, that's great! Note though that the first patch is not directly related to unprivileged subtree delegation.

> systemd is not the sole user of version 2 control groups.

Can you give an example? I'm also fairly certain they're the only user of "hybrid" cgroup versions.

1 comments

> But the problem is that the slices you showed are given to you by systemd

No, they are not. I did say that that control group told me that you are wrong about two things, the second being that systemd is not in fact the sole user of version 2 control groups. That should have been a major tip-off that systemd was not involved in that control group at all. (-:

> Can you give an example?

I actually did, two messages ago. Here's the hyperlink again.

* https://news.ycombinator.com/item?id=11845867