vc: make cgroup usage configurable if rootless

rootless execution does not yet support cgroups, so if running
rootlessly skip the cgroup creation and deletion.

Fixes: 1877

Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>

virtcontainers/container.go

@@ -26,6 +26,7 @@ import (
 	"github.com/sirupsen/logrus"
 	"golang.org/x/sys/unix"
 
+	"github.com/kata-containers/runtime/pkg/rootless"
 	"github.com/kata-containers/runtime/virtcontainers/device/config"
 	"github.com/kata-containers/runtime/virtcontainers/device/manager"
 	"github.com/kata-containers/runtime/virtcontainers/store"
@@ -909,7 +910,7 @@ func (c *Container) create() (err error) {
 	}
 	c.process = *process
 
-	if !c.sandbox.config.SandboxCgroupOnly {
+	if !c.sandbox.config.SandboxCgroupOnly || !rootless.IsRootless() {
 		if err = c.cgroupsCreate(); err != nil {
 			return
 		}
@@ -940,7 +941,8 @@ func (c *Container) delete() error {
 		return err
 	}
 
-	if !c.sandbox.config.SandboxCgroupOnly {
+	// If running rootless, there are no cgroups to remove
+	if !c.sandbox.config.SandboxCgroupOnly || !rootless.IsRootless() {
 		if err := c.cgroupsDelete(); err != nil {
 			return err
 		}

virtcontainers/sandbox.go

@@ -26,6 +26,7 @@ import (
 	"github.com/vishvananda/netlink"
 
 	"github.com/kata-containers/agent/protocols/grpc"
+	"github.com/kata-containers/runtime/pkg/rootless"
 	"github.com/kata-containers/runtime/virtcontainers/device/api"
 	"github.com/kata-containers/runtime/virtcontainers/device/config"
 	"github.com/kata-containers/runtime/virtcontainers/device/drivers"
@@ -764,8 +765,10 @@ func (s *Sandbox) Delete() error {
 		}
 	}
 
-	if err := s.cgroupsDelete(); err != nil {
-		return err
+	if !rootless.IsRootless() {
+		if err := s.cgroupsDelete(); err != nil {
+			return err
+		}
 	}
 
 	globalSandboxList.removeSandbox(s.id)