Support passing of Ulimits as -1 to mean max

Docker allows the passing of -1 to indicate the maximum limit allowed for the current process. Fixes: https://github.com/containers/podman/issues/19319 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2025-06-23 02:18:13 +08:00 · 2023-09-08 07:03:49 -04:00
parent 55b9ea3ec7
commit 18d6bb40d5
8 changed files with 65 additions and 3 deletions
--- a/libpod/container_internal_common.go
+++ b/libpod/container_internal_common.go
@ -644,7 +644,8 @@ func (c *Container) generateSpec(ctx context.Context) (s *spec.Spec, cleanupFunc
 		for _, rlimit := range c.config.Spec.Process.Rlimits {
 			if rlimit.Type == "RLIMIT_NOFILE" {
 				nofileSet = true
-			} else if rlimit.Type == "RLIMIT_NPROC" {
+			}
+			if rlimit.Type == "RLIMIT_NPROC" {
 				nprocSet = true
 			}
 		}
--- a/libpod/oci_conmon_linux.go
+++ b/libpod/oci_conmon_linux.go
@ -324,6 +324,5 @@ func GetLimits(resource *spec.LinuxResources) (runcconfig.Resources, error) {

 	// Unified state
 	final.Unified = resource.Unified
-
 	return *final, nil
 }