diff options
| author | Giuseppe Scrivano <gscrivan@redhat.com> | 2021-04-12 16:52:42 +0200 |
|---|---|---|
| committer | Giuseppe Scrivano <gscrivan@redhat.com> | 2021-04-12 16:55:55 +0200 |
| commit | 2fad29ccb2a048eb69f52014ae17db2a11a76256 (patch) | |
| tree | d6aab470bf72b66b5693a9c11e4cfbf5ba3b9e77 | |
| parent | 3803a2630f2bc53f18cbf2b7a825ff1b068a0fb7 (diff) | |
| download | podman-2fad29ccb2a048eb69f52014ae17db2a11a76256.tar.gz podman-2fad29ccb2a048eb69f52014ae17db2a11a76256.tar.bz2 podman-2fad29ccb2a048eb69f52014ae17db2a11a76256.zip | |
cgroup: do not set cgroup parent when rootless and cgroupfs
do not set the cgroup parent when running as rootless with cgroupfs,
even if cgroup v2 is used.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1947999
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| -rw-r--r-- | libpod/container_internal_linux.go | 2 | ||||
| -rw-r--r-- | test/system/420-cgroups.bats | 5 |
2 files changed, 6 insertions, 1 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 4fc45e4f0..1986f7438 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -2216,7 +2216,7 @@ func (c *Container) getOCICgroupPath() (string, error) { } cgroupManager := c.CgroupManager() switch { - case (rootless.IsRootless() && !unified) || c.config.NoCgroups: + case (rootless.IsRootless() && (cgroupManager == config.CgroupfsCgroupsManager || !unified)) || c.config.NoCgroups: return "", nil case c.config.CgroupsMode == cgroupSplit: if c.config.CgroupParent != "" { diff --git a/test/system/420-cgroups.bats b/test/system/420-cgroups.bats index 615e43e6c..89c81a742 100644 --- a/test/system/420-cgroups.bats +++ b/test/system/420-cgroups.bats @@ -24,6 +24,11 @@ load helpers run_podman container inspect --format '{{.HostConfig.CgroupManager}}' myc is "$output" "$other" "podman preserved .HostConfig.CgroupManager" + if is_rootless && test $other = cgroupfs ; then + run_podman container inspect --format '{{.HostConfig.CgroupParent}}' myc + is "$output" "" "podman didn't set .HostConfig.CgroupParent for cgroupfs and rootless" + fi + # Restart the container, without --cgroup-manager option (ie use default) # Prior to #7970, this would fail with an OCI runtime error run_podman start myc |