cgrulesengd is a daemon, which distributes processes to control groups. When
any process changes its effective UID or GID, cgrulesengd inspects list
of rules loaded from cgrules.conf file and moves the process to
the appropriate control group.
The list of rules is read during the daemon startup and are cached in daemon's memory.
The daemon reloads the list of rules when it receives SIGUSR2 signal.
The daemon opens a standard unix socket to receive 'sticky' requests from
Write log messages to the given log file. When '-' is used as <path>, log messages
are written to the standard output. Both '-f' and '-s' can be used together then logs
are sent to both destinations.
Write log messages to syslog. The default facility is DAEMON. Both '-f'
and '-s' can be used together then logs are sent to both destinations.
Don't fork the daemon, stay in foreground.
Display more log messages. This option can be used twice to enable even more log
Display less log messages. This option can be used twice to enable even less log
messages and log errors only.
Equivalent to '-nvvf -', i.e. don't fork the daemon, display all log messages and
write them to the standard output.
Set owner of cgrulesengd socket. It assumes that cgexec tool runs with proper
suid permissions so it can write to the socket when cgexec --sticky is used.