opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-22 18:08:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

abi: create new cgroup when running in a container

Browse Source 
if podman is running in the root cgroup, it will create a new
subcgroup and move itself there.

[NO NEW TESTS NEEDED] it needs nested podman

Closes: https://github.com/containers/podman/issues/14884

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano
2022-07-12 11:12:27 +02:00
parent 7b4afbf621
commit e3419c0324
1 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
pkg/domain/infra/abi/system.go
View File

@ -67,6 +67,18 @@ func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) {
}
func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) error {
runsUnderSystemd := utils.RunsOnSystemd()
if !runsUnderSystemd {
isPid1 := os.Getpid() == 1
if _, found := os.LookupEnv("container"); isPid1 || found {
if err := utils.MaybeMoveToSubCgroup(); err != nil {
// it is a best effort operation, so just print the
// error for debugging purposes.
logrus.Debugf("Could not move to subcgroup: %v", err)
}
}
}
if !rootless.IsRootless() {
return nil
}
@ -86,7 +98,6 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool)
if err != nil {
return err
}
runsUnderSystemd := utils.RunsOnSystemd()
unitName := fmt.Sprintf("podman-%d.scope", os.Getpid())
if runsUnderSystemd || conf.Engine.CgroupManager == config.SystemdCgroupsManager {
if err := utils.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil {