Provided by: cgmanager_0.39-2ubuntu5_amd64 bug

NAME

       cgm - a client script for cgmanager

DESCRIPTION

       cgm is a client script to simplify making requests of the cgroup manager.  It simply calls
       dbus-send to send requests to the running cgmanager or cgproxy.

       Usage:

       cgm ping

       cgm create <controller> <cgroup>

       cgm chown <controller> <cgroup> uid gid

       cgm chmod <controller> <cgroup> mode

       cgm chmodfile <controller> <cgroup> file mode

       cgm remove <controller> <cgroup> [0|1]

       cgm getpidcgroup <controller> pid

       cgm getpidcgroupabs <controller> pid

       cgm movepid <controller> <cgroup> pid

       cgm movepidabs <controller> <cgroup> pid

       cgm getvalue <controller> <cgroup> file

       cgm setvalue <controller> <cgroup> file value

       cgm gettasks <controller> <cgroup>

       cgm gettasksrecursive <controller> <cgroup>

       cgm listchildren <controller> <cgroup>

       cgm removeonempty <controller> <cgroup>

       cgm prune <controller> <cgroup>

       cgm listcontrollers

       cgm listkeys <controller> <cgroup>

       cgm apiversion

              Replace '<controller>' with the desired controller, i.e.   memory,  and  '<cgroup>'
              with  the  desired  cgroup,  i.e.  x1.   For  create,  chown, chmod, remove, prune,
              remove_on_empty, gettasksrecursive and movepid, <controller>  may  be  "all"  or  a
              comma-separated  set of cgroups.  Remove by default is recursive, but adding '0' as
              the last argument will perforn non-recursive deletion.  Adding '1' is supported for
              legacy reasons.

              To refer to the current cgroup, use ''.

NOTES

       In  order to protect the host from root in containers, cgmanager locks prevents tasks from
       administering cgroups which are not under their own.  The exceptions are that  root  in  a
       container  may  escape up to the cgroup of its cgproxy, and root on the host may escape to
       the root cgroup.

       This means that a user in freezer cgroup /foo cannot list cgroups in /.  However, as  root
       he can use movepidabs to escape to /, then list cgroups in /.

EXAMPLES

       To create a new cgroup called foo and move your shell into it, you could do:

       sudo cgm create all foo
       sudo cgm chown all foo $(id -u) $(id -g)
       cgm movepid all foo $$

       Then to freeze that cgroup,

       cgm setvalue freezer foo freezer.state FROZEN

SEE ALSO

       cgmanager(8)