mirror of
https://github.com/containers/podman.git
synced 2025-07-15 03:02:52 +08:00
ignition, machine: delegate cpu,io cgroup controllers to machine's default users
Makes sure that ignition setups up systemd config so cgroup controllers like `cpu, io` are also delegated to `non-root` along with `memory, pid`. This allows general users of `podman` on `macOS` and `podman-remote` to do operations which are dependent on `cpu, io` cgroup controllers. [NO TESTS NEEDED] [NO NEW TESTS NEEDED] We don't have a CI infra to test this, please pull the tree and run `podman info` inside the machine to confirm. Signed-off-by: Aditya R <arajan@redhat.com>
This commit is contained in:
@ -246,6 +246,10 @@ netns="bridge"
|
|||||||
`
|
`
|
||||||
rootContainers := `[engine]
|
rootContainers := `[engine]
|
||||||
machine_enabled=true
|
machine_enabled=true
|
||||||
|
`
|
||||||
|
|
||||||
|
delegateConf := `[Service]
|
||||||
|
Delegate=memory pids cpu io
|
||||||
`
|
`
|
||||||
|
|
||||||
// Add a fake systemd service to get the user socket rolling
|
// Add a fake systemd service to get the user socket rolling
|
||||||
@ -280,6 +284,24 @@ machine_enabled=true
|
|||||||
Mode: intToPtr(0744),
|
Mode: intToPtr(0744),
|
||||||
},
|
},
|
||||||
})
|
})
|
||||||
|
|
||||||
|
// Set delegate.conf so cpu,io subsystem is delegated to non-root users as well for cgroupv2
|
||||||
|
// by default
|
||||||
|
files = append(files, File{
|
||||||
|
Node: Node{
|
||||||
|
Group: getNodeGrp("root"),
|
||||||
|
Path: "/etc/systemd/system/user@.service.d/delegate.conf",
|
||||||
|
User: getNodeUsr("root"),
|
||||||
|
},
|
||||||
|
FileEmbedded1: FileEmbedded1{
|
||||||
|
Append: nil,
|
||||||
|
Contents: Resource{
|
||||||
|
Source: encodeDataURLPtr(delegateConf),
|
||||||
|
},
|
||||||
|
Mode: intToPtr(0644),
|
||||||
|
},
|
||||||
|
})
|
||||||
|
|
||||||
// Add a file into linger
|
// Add a file into linger
|
||||||
files = append(files, File{
|
files = append(files, File{
|
||||||
Node: Node{
|
Node: Node{
|
||||||
|
Reference in New Issue
Block a user