Hi! Recently i moved my arch system to nspawn container. Now, i can't find out my process cgroup inside container: % systemctl --user show -p ControlGroup tmux.service ControlGroup=/system.slice/system-systemd\x5cx2dnspawn.slice/systemd-nspawn@grey.service/user.slice/user-1000.slice/user@1000.service/tmux.service % systemd-escape --unescape $(systemctl --user show -p ControlGroup tmux.service) ControlGroup=/system.slice/system/systemd\x2dnspawn.slice/systemd/nspawn@grey.service/user.slice/user/1000.slice/user@1000.service/tmux.service But actually nspawn.slice is located in /sys/fs/cgroup/systemd/system.slice/system-systemd\x2dnspawn.slice systemd-cgls shows: ├─system.slice ... │ └─system-systemd\x2dnspawn.slice │ └─systemd-nspawn@grey.service % systemctl --version systemd 218 +PAM -AUDIT -SELINUX -IMA -APPARMOR +SMACK -SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID -ELFUTILS +KMOD +IDN
This is a misunderstanding, "systemd-escape" is not implementing the escaping logic that we use for generating cgroups paths. Instead it implements escaping for including arbitrary strings in unit names. The escaping used for generating cgroup names is an internal implementation detail of systemd really. It's implemented here: http://cgit.freedesktop.org/systemd/systemd/tree/src/shared/cgroup-util.c#n1443
(In reply to Lennart Poettering from comment #1) > This is a misunderstanding, "systemd-escape" is not implementing the > escaping logic that we use for generating cgroups paths. Instead it > implements escaping for including arbitrary strings in unit names. > > The escaping used for generating cgroup names is an internal implementation > detail of systemd really. It's implemented here: > > http://cgit.freedesktop.org/systemd/systemd/tree/src/shared/cgroup-util. > c#n1443 Well, but how can i get my service cgroup from outside systemd code, in bash for example? I previously used: stat /sys/fs/cgroup/systemd/$(systemctl --user show -p ControlGroup tmux.service|sed 's/.*=//' ) but it doesn't work when service is running in container via nspawn service (systemctl start systemd-nspawn@grey.service) Right now only way how i can get it is: stat /sys/fs/cgroup/systemd/$(systemctl --user show -p ControlGroup tmux.service|sed 's/.*=//' | sed 's/x5c//' )
> stat /sys/fs/cgroup/systemd/$(systemctl --user show -p ControlGroup > tmux.service|sed 's/.*=//' ) This is pretty good already. To get the missing prefix use the control group root that your PID 1 systemd instance is using, which you can query with: systemctl -a show -p ControlGroup i.e. don't specify a unit name, and you get the manager's properties. And do this for the system instance, not the user instance. If you then concat the /sys/fs/cgroup prefix, with this PID1 cgroup root, with the unit path, then you should be good.
(In reply to Lennart Poettering from comment #3) > > stat /sys/fs/cgroup/systemd/$(systemctl --user show -p ControlGroup > > tmux.service|sed 's/.*=//' ) > > This is pretty good already. To get the missing prefix use the control group > root that your PID 1 systemd instance is using, which you can query with: > > systemctl -a show -p ControlGroup > > i.e. don't specify a unit name, and you get the manager's properties. And do > this for the system instance, not the user instance. > > If you then concat the /sys/fs/cgroup prefix, with this PID1 cgroup root, > with the unit path, then you should be good. Yes, but it returns broken path even for container system manager: % systemctl -a show -p ControlGroup ControlGroup=/system.slice/system-systemd\x5cx2dnspawn.slice/systemd-nspawn@grey.service But actually path is: % find /sys/fs/cgroup/systemd/ -name '*nspawn.slice' /sys/fs/cgroup/systemd/system.slice/system-systemd\x2dnspawn.slice
Note sure I understand what you are asking for? Slices are simply a way to group scope or service units. Not sure why you are interested in that?
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.