From c0dc4267577aa7ec7c830d6eb4ac367332afa750 Mon Sep 17 00:00:00 2001
From: Qiang Huang <h.huangqiang@huawei.com>
Date: Tue, 14 Apr 2015 08:38:34 +0800
Subject: [PATCH] add devices cgroup check and errors

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
---
 sysinfo/sysinfo.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/sysinfo/sysinfo.go b/sysinfo/sysinfo.go
index 76a61fa..0c1ae87 100644
--- a/sysinfo/sysinfo.go
+++ b/sysinfo/sysinfo.go
@@ -58,5 +58,11 @@ func New(quiet bool) *SysInfo {
 	} else {
 		sysInfo.AppArmor = true
 	}
+
+	// Check if Devices cgroup is mounted, it is hard requirement for container security.
+	if _, err := cgroups.FindCgroupMountpoint("devices"); err != nil {
+		logrus.Fatalf("Error mounting devices cgroup: %v", err)
+	}
+
 	return sysInfo
 }