remove mountcgroup hook entirely

Also fix the comment in lxc-cirros template (which I overlooked last time).

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>

hooks/Makefile.am

@@ -2,7 +2,6 @@ hooksdir=@LXCHOOKDIR@
 
 hooks_SCRIPTS = \
 	clonehostname \
-	mountcgroups \
 	mountecryptfsroot \
 	ubuntu-cloud-prep \
 	squid-deb-proxy-client

hooks/mountcgroups

@@ -1,69 +0,0 @@
-#!/bin/bash
-
-# (C) Copyright Canonical 2011,2012
-
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-
-# This library is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# Lesser General Public License for more details.
-
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-
-#
-# This is an example hook to mount all mounted cgroups in the
-# container.  Only the container's own cgroup (not parents) will be
-# accessible to the container.  You can enable this by adding
-# lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups
-# to your container's configuration file.
-
-set -e
-
-c=$1
-configfile=$LXC_CONFIG_FILE
-d=/sys/fs/cgroup
-d2=$LXC_ROOTFS_MOUNT/${d}
-# name lxc hook lxcpath
-lxcpath=$4
-if [ ! -d "$d" ]; then
-    exit 0
-fi
-
-mount -n -t tmpfs tmpfs ${d2}
-
-do_devices_setup() {
-    local devdir="$1"
-    local c="$2"
-    local line
-    local w  # which (allow or deny)
-    local v  # value
-    # lxc.include provides common configuration options
-    local commonconfigfile=$(egrep "^lxc.include[ \t]*=" ${configfile} | awk -F= '{ print $2 }')
-    cat ${configfile} ${commonconfigfile} | egrep "^lxc.cgroup.devices.(allow|deny)[ \t]*=" | while read line; do
-        w=`echo $line | awk -F. '{ print $4 }' | awk '{ print $1 }'`
-        v=`echo $line | awk -F= '{ print $2 }'`
-        echo "$v" >> "$devdir"/devices.$w
-    done
-}
-
-# XXX TODO - we'll need to account for other cgroup groups beside 'lxc',
-# i.e. 'build' or 'users/joe'.
-for dir in `/bin/ls $d`; do
-    if [ "$dir" = "devices" ]; then
-        devicesdir="${d}/${dir}/lxc/${c}"
-        mkdir -p "$devicesdir"
-        # set the devices cgroup perms now - we can't change from blacklist to
-        # whitelist, or add perms, once we have children.
-        do_devices_setup "$devicesdir" "${c}"
-    fi
-    mkdir -p "${d}/${dir}/lxc/${c}/${c}.real"
-    echo 1 > "${d}/${dir}/lxc/${c}/${c}.real/tasks"
-    mkdir -p ${d2}/${dir}
-    mount -n --bind "${d}/${dir}/lxc/${c}/${c}.real" "${d2}/${dir}"
-done

templates/lxc-cirros.in

@@ -121,7 +121,7 @@ lxc.cap.drop = sys_module mac_admin mac_override sys_time
 #lxc.aa_profile = unconfined
 # To support container nesting on an Ubuntu host, uncomment next two lines:
 #lxc.aa_profile = lxc-container-default-with-nesting
-#lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups
+#lxc.mount.auto = cgroup
 
 lxc.cgroup.devices.deny = a
 # Allow any mknod (but not using the node)