Conversation
hulthe
force-pushed
the
systemd-cgroup-v2
branch
from
d90e176 to
2156330
Compare
|
Would this change imply that mullvad-exclude will only work with systemd? |
|
@dkwo This change requires systemd, yes. We will have a fallback to the old net_cls cgroup. This would apply to distros with old kernels, or without systemd. This fallback might be removed in the future though, since we don't really want to maintain support for deprecated kernel interfaces. We're thinking about adding a fallback to some other non-systemd mechanism, but no decision yet. |
|
I see. Just keep in mind that the current net_cls cgroup method is already broken e.g. on runit, so I would not bother keeping it around. |
hulthe
force-pushed
the
systemd-cgroup-v2
branch
2 times, most recently
from
8a021d4 to
720222a
Compare
Co-authored-by: David Lönnhager <david.l@mullvad.net>
This can be used with flatpak to "atomically" install our BPF hook in the new cgroup when the process is moved Co-authored-by: Joakim Hulthe <joakim.hulthe@mullvad.net>
dlon
force-pushed
the
systemd-cgroup-v2
branch
from
720222a to
887b7cd
Compare
Also add flags to override this behavior
dlon
force-pushed
the
systemd-cgroup-v2
branch
from
8946adc to
e589091
Compare
dlon
force-pushed
the
systemd-cgroup-v2
branch
from
e589091 to
20ff581
Compare
|
Another clarification: is the requirement for the init/service manager to implement cgroups v2, or specifically to have systemd as pid1? in the former case, runit also has support for cgroups v2, and others too. |
3 participants
This change is