POTD skeleton #70.

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>

1 files changed, 8 insertions, 0 deletions

diff --git a/src/jail.c b/src/jail.c
index d0da50b..564e611 100644
--- a/src/jail.c
+++ b/src/jail.c
@@ -168,6 +168,10 @@ static int jail_mainloop(event_ctx **ev_ctx, const jail_ctx *ctx[], size_t siz)
     set_procname("[potd] jail");
     assert( set_child_sighandler() == 0 );
 
+    D2("%s", "Setup cgroups");
+    if (cgroups_set())
+        FATAL("%s", "Setup cgroups");
+
     rc = event_loop(*ev_ctx, jail_accept_client, &ev_jail);
     event_free(ev_ctx);
 
@@ -259,6 +263,10 @@ static int jail_childfn(prisoner_process *ctx)
     if (clearenv())
         FATAL("Clearing ENV for pid %d", self_pid);
 
+    D2("Activating cgroups for pid %d", self_pid);
+    if (cgroups_activate())
+        FATAL("Activating cgroups for pid %d", self_pid);
+
     caps_drop_dac_override(0);
     //caps_drop_all();