Fix compat API in rootless mode ignores ulimits

Fixes: https://github.com/containers/podman/issues/25881

Signed-off-by: Jan Rodák <hony.com@seznam.cz>

pkg/api/handlers/compat/containers_create.go

@@ -486,15 +486,15 @@ func cliOpts(cc handlers.CreateContainerConfig, rtc *config.Config) (*entities.C
 		HealthMaxLogCount:    define.DefaultHealthMaxLogCount,
 		HealthMaxLogSize:     define.DefaultHealthMaxLogSize,
 	}
-	if !rootless.IsRootless() {
-		var ulimits []string
-		if len(cc.HostConfig.Ulimits) > 0 {
-			for _, ul := range cc.HostConfig.Ulimits {
-				ulimits = append(ulimits, ul.String())
-			}
-			cliOpts.Ulimit = ulimits
+
+	var ulimits []string
+	if len(cc.HostConfig.Ulimits) > 0 {
+		for _, ul := range cc.HostConfig.Ulimits {
+			ulimits = append(ulimits, ul.String())
 		}
+		cliOpts.Ulimit = ulimits
 	}
+
 	if cc.HostConfig.Resources.NanoCPUs > 0 {
 		if cliOpts.CPUPeriod != 0 || cliOpts.CPUQuota != 0 {
 			return nil, nil, fmt.Errorf("NanoCpus conflicts with CpuPeriod and CpuQuota")

test/apiv2/20-containers.at

@@ -419,6 +419,21 @@ t GET containers/$cid/json 200 \
 
 t DELETE containers/$cid?v=true 204
 
+
+# test compact API in rootless mode ignores ulimits https://github.com/containers/podman/issues/25881
+t POST containers/create \
+  Image=$IMAGE           \
+  HostConfig='{"Ulimits":[{"Name":"cpu","Soft":1,"Hard":2}]}' \
+  201                    \
+  .Id~[0-9a-f]\\{64\\}
+cid=$(jq -r '.Id' <<<"$output")
+t GET containers/$cid/json 200 \
+  .HostConfig.Ulimits[0].Name="RLIMIT_CPU" \
+  .HostConfig.Ulimits[0].Hard=2            \
+  .HostConfig.Ulimits[0].Soft=1            \
+
+t DELETE containers/$cid 204
+
 # test port mapping
 podman run -d --rm --name bar -p 8080:9090 $IMAGE top