Lines Matching refs:cgroup

5 Implement a cgroup to track and enforce open and mknod restrictions
6 on device files.  A device cgroup associates a device access
7 whitelist with each cgroup.  A whitelist entry has 4 fields.
13 The root device cgroup starts with rwm to 'all'.  A child device
14 cgroup gets a copy of the parent.  Administrators can then remove
15 devices from the whitelist or add new entries.  A child cgroup can
23 	echo 'c 1:3 mr' > /sys/fs/cgroup/1/devices.allow
25 allows cgroup 1 to read and mknod the device usually known as
28 	echo a > /sys/fs/cgroup/1/devices.deny
32 	echo a > /sys/fs/cgroup/1/devices.allow
42 CAP_MKNOD.  We may want to just refuse moving to a cgroup which
47 task to a new cgroup.  (Again we'll probably want to change that).
49 A cgroup may not be granted more permissions than the cgroup's
54 device cgroups maintain hierarchy by making sure a cgroup never has more
56 a cgroup's devices.deny file, all its children will have that entry removed
59 more access than the cgroup's parent, it'll be removed from the whitelist.