release_agentfile and trigger
release_agentinvocation by killing all processes in the cgroup. The easiest way to accomplish that is to mount a cgroup controller and create a child cgroup.
/tmp/cgrpdirectory, mount the RDMA cgroup controller and create a child cgroup (named “x” for the purposes of this example). While every cgroup controller has not been tested, this technique should work with the majority of cgroup controllers.
mount: /tmp/cgrp: special device cgroup does not exist, it’s because your setup doesn’t have the RDMA cgroup controller. Change
memoryto fix it. We’re using RDMA because the original PoC was only designed to work with it.
notify_on_releasefile. We also set the RDMA cgroup release agent to execute a
/cmdscript — which we will later create in the container — by writing the
/cmdscript path on the host to the
release_agentfile. To do it, we’ll grab the container’s path on the host from the
/cmdscript, which we are going to create on the host:
/cmdscript such that it will execute the
ps auxcommand and save its output into
/outputon the container by specifying the full path of the output file on the host. At the end, we also print the
/cmdscript to see its contents:
/bin/shprocess and writing its PID to the
cgroup.procsfile in “x” child cgroup directory, the script on the host will execute after
/bin/shexits. The output of
ps auxperformed on the host is then saved to the
/outputfile inside the container: