cgroups: restore perms on tasks and cgroup.procs files

Although we don't want to restore the values on these files, we definitely
do want to restore the permissions, as certain container engines (lxc) make
use of this.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>

cgroup.c

@@ -85,6 +85,8 @@ static const char *global_props[] = {
 	"cgroup.clone_children",
 	"cgroup.sane_behavior",
 	"notify_on_release",
+	"cgroup.procs",
+	"tasks",
 	NULL
 };
 
@@ -333,6 +335,20 @@ static int read_cgroup_prop(struct cgroup_prop *property, const char *fullpath)
 	property->uid = sb.st_uid;
 	property->gid = sb.st_gid;
 
+	/* skip dumping the value of these, since it doesn't make sense (we
+	 * just want to restore the perms) */
+	if (!strcmp(property->name, "cgroup.procs") || !strcmp(property->name, "tasks")) {
+		ret = 0;
+		/* libprotobuf segfaults if we leave a null pointer in a
+		 * string, so let's not do that */
+		property->value = xstrdup("");
+		if (!property->value)
+			ret = -1;
+
+		close(fd);
+		return ret;
+	}
+
 	ret = read(fd, buf, sizeof(buf) - 1);
 	if (ret == -1) {
 		pr_err("Failed scanning %s\n", fullpath);
@@ -1123,6 +1139,12 @@ static int restore_cgroup_prop(const CgroupPropEntry * cg_prop_entry_p,
 		return -1;
 	}
 
+	/* skip these two since restoring their values doesn't make sense */
+	if (!strcmp(cg_prop_entry_p->name, "cgroup.procs") || !strcmp(cg_prop_entry_p->name, "tasks")) {
+		fclose(f);
+		return 0;
+	}
+
 	if (fprintf(f, "%s", cg_prop_entry_p->value) < 0) {
 		fclose(f);
 		pr_err("Failed writing %s to %s\n", cg_prop_entry_p->value, path);