diff options
author | Giuseppe Scrivano <gscrivan@redhat.com> | 2022-07-12 11:12:27 +0200 |
---|---|---|
committer | Matthew Heon <matthew.heon@pm.me> | 2022-07-26 13:08:19 -0400 |
commit | 35dc17bfe619444471317d067325d6f92752dc8f (patch) | |
tree | 52674b409dc779b7c8970152b811d435717dcc35 /pkg/domain/infra/abi | |
parent | 7b4ebfa657d605d0767be7ccb2607c923ce4311f (diff) | |
download | podman-35dc17bfe619444471317d067325d6f92752dc8f.tar.gz podman-35dc17bfe619444471317d067325d6f92752dc8f.tar.bz2 podman-35dc17bfe619444471317d067325d6f92752dc8f.zip |
abi: create new cgroup when running in a container
if podman is running in the root cgroup, it will create a new
subcgroup and move itself there.
[NO NEW TESTS NEEDED] it needs nested podman
Closes: https://github.com/containers/podman/issues/14884
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'pkg/domain/infra/abi')
-rw-r--r-- | pkg/domain/infra/abi/system.go | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go index eed80dd79..3389abd88 100644 --- a/pkg/domain/infra/abi/system.go +++ b/pkg/domain/infra/abi/system.go @@ -67,6 +67,18 @@ func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) { } func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) error { + runsUnderSystemd := utils.RunsOnSystemd() + if !runsUnderSystemd { + isPid1 := os.Getpid() == 1 + if _, found := os.LookupEnv("container"); isPid1 || found { + if err := utils.MaybeMoveToSubCgroup(); err != nil { + // it is a best effort operation, so just print the + // error for debugging purposes. + logrus.Debugf("Could not move to subcgroup: %v", err) + } + } + } + if !rootless.IsRootless() { return nil } @@ -86,7 +98,6 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) if err != nil { return err } - runsUnderSystemd := utils.RunsOnSystemd() unitName := fmt.Sprintf("podman-%d.scope", os.Getpid()) if runsUnderSystemd || conf.Engine.CgroupManager == config.SystemdCgroupsManager { if err := utils.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil { |