Thursday, May 23, 2024
 Popular · Latest · Hot · Upcoming
rated 0 times [  1] [ 0]  / answers: 1 / hits: 2299  / 3 Years ago, sat, may 8, 2021, 7:34:01

I've tried the procedures from:

but they don't work on Ubuntu 22.04, presumably because of the update to cgroups v2:

sudo cgcreate -a $USER:$USER -g memory:myGroup -t $USER:$USER
sudo cgset -r memory.max=500M myGroup
sudo cgset -r memory.swap.max=0 myGroup
cgexec -g memory:myGroup id

fails with:

cgroup change of group failed

It works if I run with sudo

sudo cgexec -g memory:myGroup id

but then the command runs as root, and I want it to run as the current user instead.

More From » 22.04


I read the Linux Kernel documentation and find the following (emphasis mine):


A read-write new-line separated values file which exists on all cgroups.


A PID can be written to migrate the process associated with the PID to the cgroup. The writer should match all of the following conditions.

  • It must have write access to the “cgroup.procs” file.

  • It must have write access to the “cgroup.procs” file of the common ancestor of the source and destination cgroups.


In this scenario, the common ancestor is /. So I make cgroup.procs of the root group writable:

sudo chmod o+w /sys/fs/cgroup/cgroup.procs

And now I can use cgexec as any non-root user. Not knowing if there is any security implication though.

[#563] Sunday, May 9, 2021, 3 Years  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.

Total Points: 472
Total Questions: 121
Total Answers: 116

Location: Mayotte
Member since Thu, Dec 17, 2020
4 Years ago
oreera questions