diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2022-01-17 12:57:20 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-01-17 12:57:20 +0100 |
| commit | 8514ebd1827b12bae8b5d53d8f0e36244d1b3c3a (patch) | |
| tree | d8ccbe18806a8d03ac1d89754d4f009103803c5e /pkg/specgen/generate/oci.go | |
| parent | 26cf6c82c82cbf45afe5998e4a881b9f52202a01 (diff) | |
| parent | 607cb80bf77642c02b80bff56aa4c3e396a91fa0 (diff) | |
| download | podman-8514ebd1827b12bae8b5d53d8f0e36244d1b3c3a.tar.gz podman-8514ebd1827b12bae8b5d53d8f0e36244d1b3c3a.tar.bz2 podman-8514ebd1827b12bae8b5d53d8f0e36244d1b3c3a.zip | |
Merge pull request #12860 from rhatdan/cgroups
Use CONTAINERS_CONF cgroups flag for remote API.
Diffstat (limited to 'pkg/specgen/generate/oci.go')
| -rw-r--r-- | pkg/specgen/generate/oci.go | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go index ee3a990fc..f72ffe80c 100644 --- a/pkg/specgen/generate/oci.go +++ b/pkg/specgen/generate/oci.go @@ -152,7 +152,7 @@ func canMountSys(isRootless, isNewUserns bool, s *specgen.SpecGenerator) bool { return true } -func getCGroupPermissons(unmask []string) string { +func getCgroupPermissons(unmask []string) string { ro := "ro" rw := "rw" cgroup := "/sys/fs/cgroup" @@ -176,7 +176,7 @@ func getCGroupPermissons(unmask []string) string { // SpecGenToOCI returns the base configuration for the container. func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runtime, rtc *config.Config, newImage *libimage.Image, mounts []spec.Mount, pod *libpod.Pod, finalCmd []string, compatibleOptions *libpod.InfraInherit) (*spec.Spec, error) { - cgroupPerm := getCGroupPermissons(s.Unmask) + cgroupPerm := getCgroupPermissons(s.Unmask) g, err := generate.New("linux") if err != nil { @@ -357,7 +357,7 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt // set the devices cgroup when not running in a user namespace if !inUserNS && !s.Privileged { g.AddLinuxResourcesDevice(false, "", nil, nil, "rwm") - for _, dev := range s.DeviceCGroupRule { + for _, dev := range s.DeviceCgroupRule { g.AddLinuxResourcesDevice(true, dev.Type, dev.Major, dev.Minor, dev.Access) } } |