summaryrefslogtreecommitdiff
path: root/pkg/spec
diff options
context:
space:
mode:
authorGiuseppe Scrivano <gscrivan@redhat.com>2020-05-11 12:53:13 +0200
committerGiuseppe Scrivano <gscrivan@redhat.com>2020-05-11 13:02:33 +0200
commit76f8efc0d0d7a697a4821d01f3c5dbf67bf33d8e (patch)
treeb938c08824938b7adcce3888c9954e3118337b89 /pkg/spec
parent18b273b72ba76d485eb1b4d5df48bff1685953ff (diff)
downloadpodman-76f8efc0d0d7a697a4821d01f3c5dbf67bf33d8e.tar.gz
podman-76f8efc0d0d7a697a4821d01f3c5dbf67bf33d8e.tar.bz2
podman-76f8efc0d0d7a697a4821d01f3c5dbf67bf33d8e.zip
spec: fix order for setting rlimits
also make sure that the limits we set for rootless are not higher than what we'd set for root containers. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Diffstat (limited to 'pkg/spec')
-rw-r--r--pkg/spec/spec.go20
1 files changed, 14 insertions, 6 deletions
diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go
index 77e92ae29..25cad9578 100644
--- a/pkg/spec/spec.go
+++ b/pkg/spec/spec.go
@@ -545,10 +545,14 @@ func addRlimits(config *CreateConfig, g *generate.Generator) error {
if err := unix.Getrlimit(unix.RLIMIT_NOFILE, &rlimit); err != nil {
logrus.Warnf("failed to return RLIMIT_NOFILE ulimit %q", err)
}
- current = rlimit.Cur
- max = rlimit.Max
+ if rlimit.Cur < current {
+ current = rlimit.Cur
+ }
+ if rlimit.Max < max {
+ max = rlimit.Max
+ }
}
- g.AddProcessRlimits("RLIMIT_NOFILE", current, max)
+ g.AddProcessRlimits("RLIMIT_NOFILE", max, current)
}
if !nprocSet {
max := kernelMax
@@ -558,10 +562,14 @@ func addRlimits(config *CreateConfig, g *generate.Generator) error {
if err := unix.Getrlimit(unix.RLIMIT_NPROC, &rlimit); err != nil {
logrus.Warnf("failed to return RLIMIT_NPROC ulimit %q", err)
}
- current = rlimit.Cur
- max = rlimit.Max
+ if rlimit.Cur < current {
+ current = rlimit.Cur
+ }
+ if rlimit.Max < max {
+ max = rlimit.Max
+ }
}
- g.AddProcessRlimits("RLIMIT_NPROC", current, max)
+ g.AddProcessRlimits("RLIMIT_NPROC", max, current)
}
return nil