opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-22 18:08:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #14764 from cdoern/cgroup

Browse Source 
limit cgroupfs when rootless
This commit is contained in:
openshift-ci[bot]
2022-06-29 13:00:03 +00:00
committed by GitHub
parent 6e910a08db 7f994a80de
commit dd924c4078
1 changed files with 18 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
libpod/runtime_pod_linux.go
View File

@ -78,6 +78,8 @@ func (r *Runtime) NewPod(ctx context.Context, p specgen.PodSpecGenerator, option
pod.state.CgroupPath = filepath.Join(pod.config.CgroupParent, pod.ID())
if p.InfraContainerSpec != nil {
p.InfraContainerSpec.CgroupParent = pod.state.CgroupPath
// cgroupfs + rootless = permission denied when creating the cgroup.
if !rootless.IsRootless() {
res, err := GetLimits(p.InfraContainerSpec.ResourceLimits)
if err != nil {
return nil, err
@ -97,6 +99,7 @@ func (r *Runtime) NewPod(ctx context.Context, p specgen.PodSpecGenerator, option
}
}
}
}
case config.SystemdCgroupsManager:
if pod.config.CgroupParent == "" {
if rootless.IsRootless() {