diff options
author | Giuseppe Scrivano <gscrivan@redhat.com> | 2022-07-12 11:12:27 +0200 |
---|---|---|
committer | Giuseppe Scrivano <gscrivan@redhat.com> | 2022-07-13 09:13:06 +0200 |
commit | e3419c03245c5639d457cb27f4081cee400f3a36 (patch) | |
tree | df2f65cd11adbe5e57e46720567837676e7d2d34 | |
parent | 7b4afbf621a787ead00ae83bdaebabeec3b0c707 (diff) | |
download | podman-e3419c03245c5639d457cb27f4081cee400f3a36.tar.gz podman-e3419c03245c5639d457cb27f4081cee400f3a36.tar.bz2 podman-e3419c03245c5639d457cb27f4081cee400f3a36.zip |
abi: create new cgroup when running in a container
if podman is running in the root cgroup, it will create a new
subcgroup and move itself there.
[NO NEW TESTS NEEDED] it needs nested podman
Closes: https://github.com/containers/podman/issues/14884
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
-rw-r--r-- | pkg/domain/infra/abi/system.go | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go index eed80dd79..3389abd88 100644 --- a/pkg/domain/infra/abi/system.go +++ b/pkg/domain/infra/abi/system.go @@ -67,6 +67,18 @@ func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) { } func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) error { + runsUnderSystemd := utils.RunsOnSystemd() + if !runsUnderSystemd { + isPid1 := os.Getpid() == 1 + if _, found := os.LookupEnv("container"); isPid1 || found { + if err := utils.MaybeMoveToSubCgroup(); err != nil { + // it is a best effort operation, so just print the + // error for debugging purposes. + logrus.Debugf("Could not move to subcgroup: %v", err) + } + } + } + if !rootless.IsRootless() { return nil } @@ -86,7 +98,6 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) if err != nil { return err } - runsUnderSystemd := utils.RunsOnSystemd() unitName := fmt.Sprintf("podman-%d.scope", os.Getpid()) if runsUnderSystemd || conf.Engine.CgroupManager == config.SystemdCgroupsManager { if err := utils.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil { |