I am trying to work with control groups on two different operating systems (Ubuntu and CentOS). There are few concerns that I would like to ask.
I am trying to create a control group using the cgcreate command, and it looks like it requires root access on the machine. All the examples that I have seen so far do not say anything about needing to be the root user for creating or modifying control groups.
Is it really necessary to be the root user? The end goal is to write a C++ application that creates and manages control groups to control resources using the libcgroup API. But the C++ application is not going to be run by any root user. It could be any normal user.
Best Answer
The normal scenario is that you set
cgcreate,cgset,cgdelete,cgget, etc. up as root. Eventually the program/script meant to be restrained from sucking to many resources will be executed as a normal user. So, setup as root, use and execution as user.This is being done with the
-aand-tparameters of thecgcreatecommand (executed as root). So already when you set a group up. In my case:where monero is the username of the future user who will execute and run the program with the cgroup restrictions. For the fine difference between the
-aand-tsubparameters refer to the man pages ofcgcreate.In most cases that is both the same user.
Then, set up the restrictions (still as root):
Check your entries if you want to:
And then eventually switch user, in my case user monero, and from the right folder:
The user won't have any difficulty with permissions or so as you set it up specifically for him.