Don't limit the size on /run for systemd based containers

We had a customer incident where they ran out of space on /run.

If you don't specify size, it will be still limited to 50% or memory
available in the cgroup the container is running in.  If the cgroup is
unlimited then the /run will be limited to 50% of the total memory
on the system.

Also /run is mounted on the host as exec, so no reason for us to mount
it noexec.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

2 files changed, 2 insertions, 8 deletions

diff --git a/cmd/podman/common/volumes.go b/cmd/podman/common/volumes.go
index 20c31bd81..ca0b10765 100644
--- a/cmd/podman/common/volumes.go
+++ b/cmd/podman/common/volumes.go
@@ -88,17 +88,11 @@ func parseVolumes(volumeFlag, mountFlag, tmpfsFlag []string, addReadOnlyTmpfs bo
 			if _, ok := unifiedVolumes[dest]; ok {
 				continue
 			}
-			localOpts := options
-			if dest == "/run" {
-				localOpts = append(localOpts, "noexec", "size=65536k")
-			} else {
-				localOpts = append(localOpts, "exec")
-			}
 			unifiedMounts[dest] = spec.Mount{
 				Destination: dest,
 				Type:        TypeTmpfs,
 				Source:      "tmpfs",
-				Options:     localOpts,
+				Options:     options,
 			}
 		}
 	}
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index fdee3877c..ea4340e00 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -571,7 +571,7 @@ func (c *Container) setupSystemd(mounts []spec.Mount, g generate.Generator) erro
 			Destination: dest,
 			Type:        "tmpfs",
 			Source:      "tmpfs",
-			Options:     append(options, "tmpcopyup", "size=65536k"),
+			Options:     append(options, "tmpcopyup"),
 		}
 		g.AddMount(tmpfsMnt)
 	}