From 47e5acfbaefc45e536b953af6bf8a3993669c816 Mon Sep 17 00:00:00 2001
From: Qiang Huang <h.huangqiang@huawei.com>
Date: Tue, 14 Apr 2015 08:38:34 +0800
Subject: [PATCH] add devices cgroup check and errors

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
---
 pkg/sysinfo/sysinfo.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/pkg/sysinfo/sysinfo.go b/pkg/sysinfo/sysinfo.go
index 76a61fa95f..0c1ae87438 100644
--- a/pkg/sysinfo/sysinfo.go
+++ b/pkg/sysinfo/sysinfo.go
@@ -58,5 +58,11 @@ func New(quiet bool) *SysInfo {
 	} else {
 		sysInfo.AppArmor = true
 	}
+
+	// Check if Devices cgroup is mounted, it is hard requirement for container security.
+	if _, err := cgroups.FindCgroupMountpoint("devices"); err != nil {
+		logrus.Fatalf("Error mounting devices cgroup: %v", err)
+	}
+
 	return sysInfo
 }