libct/cg/sd/v2: Destroy: remove cgroups recursively

Currently, we can create subcgroup in a rootless container with systemd cgroupv2 on centos8. But after the container exited, the container cgroup and its subcgroup will not be removed. Fix this by removing all directories recursively. Fixes: opencontainers#3225 Signed-off-by: Kang Chen <kongchen28@gmail.com>
kolyshkin · Oct 1, 2021 · 7758d3f · 7758d3f
1 parent e999e29
commit 7758d3f
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/libcontainer/cgroups/systemd/v2.go b/libcontainer/cgroups/systemd/v2.go
@@ -3,7 +3,6 @@ package systemd
 import (
 	"fmt"
 	"math"
-	"os"
 	"path/filepath"
 	"strconv"
 	"strings"
@@ -301,9 +300,10 @@ func (m *unifiedManager) Destroy() error {
 		return err
 	}
 
-	// XXX this is probably not needed, systemd should handle it
-	err := os.Remove(m.path)
-	if err != nil && !os.IsNotExist(err) {
+	// systemd 239 do not remove sub-cgroups.
+	err := m.fsMgr.Destroy()
+	// fsMgr.Destroy has handled ErrNotExist
+	if err != nil {
 		return err
 	}