Support max_size logoptions

Docker supports log-opt max_size and so does conmon (ALthough poorly).
Adding support for this allows users to at least make sure their containers
logs do not become a DOS vector.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

2 files changed, 6 insertions, 0 deletions

diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go
index 147450703..105e36bc6 100644
--- a/pkg/specgen/generate/container_create.go
+++ b/pkg/specgen/generate/container_create.go
@@ -260,6 +260,9 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.
 		if len(s.LogConfiguration.Path) > 0 {
 			options = append(options, libpod.WithLogPath(s.LogConfiguration.Path))
 		}
+		if s.LogConfiguration.Size > 0 {
+			options = append(options, libpod.WithMaxLogSize(s.LogConfiguration.Size))
+		}
 		if len(s.LogConfiguration.Options) > 0 && s.LogConfiguration.Options["tag"] != "" {
 			// Note: I'm really guessing here.
 			options = append(options, libpod.WithLogTag(s.LogConfiguration.Options["tag"]))
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index b8f37ec7a..fa4af7b2b 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -19,6 +19,9 @@ type LogConfig struct {
 	// Only available if LogDriver is set to "json-file" or "k8s-file".
 	// Optional.
 	Path string `json:"path,omitempty"`
+	// Size is the maximimup size of the log file
+	// Optional.
+	Size int64 `json:"size,omitempty"`
 	// A set of options to accompany the log driver.
 	// Optional.
 	Options map[string]string `json:"options,omitempty"`