0000153: cgroupv2 delegations doesn't applied on boot - MantisBT

ID	Project	Category	View Status	Date Submitted	Last Update

0000153	AlmaLinux-8	systemd	public	2021-11-17 06:56	2021-11-25 08:45

Reporter	nikk2000	Assigned To	alukoshko
Priority	normal	Severity	minor	Reproducibility	always
Status	closed	Resolution	no change required
Platform	x86_64	OS	AlmaLinux	OS Version	8.5

Summary	0000153: cgroupv2 delegations doesn't applied on boot
Description	I have set delegations in config file `/etc/systemd/system/user@.service.d/delegate.conf` as follows: ``` [Service] Delegate=memory pids cpu io ``` However everytime I boot, the following command will show empty output: ``` cat /sys/fs/cgroup/user.slice/user-$(id -u).slice/user@$(id -u).service/cgroup.controllers ``` I have to manually execute `systemctl daemon-reload` to apply delegations on every boot. So, is there any way to make systemd always apply delegations on boot?
Steps To Reproduce	1) A fresh installed AlmaLinux 8.5 or 8.4 (minimal install) 2) Install podman: ``` sudo dnf install podman ``` 3) Create default podman config file: ``` sudo cp -v /usr/share/containers/containers.conf /etc/containers/containers.conf sudo chmod og+r /etc/containers/containers.conf ``` 3) Enable cgroupv2 using the following command: ``` sudo grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=1" sudo grub2-mkconfig -o /etc/grub2.cfg sudo grub2-mkconfig -o /etc/grub2-efi.cfg ``` 4) Create directory `/etc/systemd/system/user@.service.d/` if not exists: ``` sudo mkdir -pv /etc/systemd/system/user@.service.d/ ``` 5) Create `/etc/systemd/system/user@.service.d/delegate.conf` with the following contents: ``` [Service] Delegate=memory pids cpu io ``` 6) Reboot and then notice that the following command shows empty output: ``` cat /sys/fs/cgroup/user.slice/user-$(id -u).slice/user@$(id -u).service/cgroup.controllers ``` 7) Try execute `systemctl daemon-reload` and then re-execute the same command again. Notice that delegation is now applied: ``` sudo systemctl daemon-reload cat /sys/fs/cgroup/user.slice/user-$(id -u).slice/user@$(id -u).service/cgroup.controllers ``` 8) Reboot again and then the same command shows empty output again: ``` cat /sys/fs/cgroup/user.slice/user-$(id -u).slice/user@$(id -u).service/cgroup.controllers ```
Tags	cgroupv2, podman, systemd

abrt_hash
URL

nikk2000 2021-11-17 07:22 reporter ~0000397	Instead of `sudo systemctl daemon-reload`, stopping `user-$(id -u).slice` also applies delegations: ``` sudo systemctl stop user-$(id -u).slice ``` But delegations still disappeared after reboot.

nikk2000 2021-11-17 07:45 reporter ~0000399	I just found the solution https://github.com/systemd/systemd/issues/9512#issuecomment-405799225. I have to explicitly define a unit file for user-1000.slice (in my case, my $UID is 1000). 1) Create `/etc/systemd/system/user-1000.slice` file with the following contents (also check `/usr/lib/systemd/system/user-.slice.d/10-defaults.conf` for your user-1000.slice's default values): ``` [Unit] Description=User Slice of UID 1000 After=systemd-user-sessions.service StopWhenUnneeded=yes [Slice] TasksMax=80% [Install] WantedBy=multi-user.target ``` 2) Reload systemd units: ``` sudo systemctl daemon-reload ``` 3) Enable `user-1000.slice`: ``` sudo systemctl enable user-1000.slice ``` 4) Reboot and notice that the following command no longer produce empty output: ``` cat /sys/fs/cgroup/user.slice/user-$(id -u).slice/user@$(id -u).service/cgroup.controllers ```

Date Modified	Username	Field	Change
2021-11-17 06:56	nikk2000	New Issue
2021-11-17 06:56	nikk2000	Tag Attached: cgroupv2
2021-11-17 06:56	nikk2000	Tag Attached: podman
2021-11-17 06:56	nikk2000	Tag Attached: systemd
2021-11-17 07:22	nikk2000	Note Added: 0000397
2021-11-17 07:45	nikk2000	Note Added: 0000399
2021-11-25 08:45	alukoshko	Assigned To	=> alukoshko
2021-11-25 08:45	alukoshko	Status	new => closed
2021-11-25 08:45	alukoshko	Resolution	open => no change required