On Thu, Jun 20, 2019 at 02:19:34PM +0200, Lennart Poettering <[email protected]> wrote: > Sorry, but there is not, it's not safe, as documented.
The doc [1] says: > Think twice before delegating cgroup v1 controllers to less privileged > containers. It’s not safe, you basically allow your containers to > freeze the system with that and worse. My search-fu is not strong enough and I'm interested in the details. What controller settings can have such ramifications on the rest of the system? Thanks, Michal [1] https://systemd.io/CGROUP_DELEGATION _______________________________________________ systemd-devel mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/systemd-devel
