aboutsummaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2019-11-05 20:24:13 +0100
committerGitHub <noreply@github.com>2019-11-05 20:24:13 +0100
commit7eda1b08401ad9ab430261f2b2d236eb9a834454 (patch)
tree85342c71330e985dc92b29c96e6da8b7c52e4f4c /pkg
parenta904e21cf0213185fd115683dc2adc4baeff922a (diff)
parentb8514ca6f39e58c623a34440f20debe9d0e8053f (diff)
downloadpodman-7eda1b08401ad9ab430261f2b2d236eb9a834454.tar.gz
podman-7eda1b08401ad9ab430261f2b2d236eb9a834454.tar.bz2
podman-7eda1b08401ad9ab430261f2b2d236eb9a834454.zip
Merge pull request #4374 from giuseppe/create-cgroupns-by-default-on-cgroupsv2
namespaces: by default create cgroupns on cgroups v2
Diffstat (limited to 'pkg')
-rw-r--r--pkg/namespaces/namespaces.go5
-rw-r--r--pkg/spec/spec.go13
2 files changed, 18 insertions, 0 deletions
diff --git a/pkg/namespaces/namespaces.go b/pkg/namespaces/namespaces.go
index 9d1033b93..78b55bb2a 100644
--- a/pkg/namespaces/namespaces.go
+++ b/pkg/namespaces/namespaces.go
@@ -25,6 +25,11 @@ func (n CgroupMode) IsHost() bool {
return n == hostType
}
+// IsDefaultValue indicates whether the cgroup namespace has the default value.
+func (n CgroupMode) IsDefaultValue() bool {
+ return n == ""
+}
+
// IsNS indicates a cgroup namespace passed in by path (ns:<path>)
func (n CgroupMode) IsNS() bool {
return strings.HasPrefix(string(n), nsType)
diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go
index 86d701f7e..33e9ec076 100644
--- a/pkg/spec/spec.go
+++ b/pkg/spec/spec.go
@@ -631,6 +631,19 @@ func addIpcNS(config *CreateConfig, g *generate.Generator) error {
func addCgroupNS(config *CreateConfig, g *generate.Generator) error {
cgroupMode := config.CgroupMode
+
+ if cgroupMode.IsDefaultValue() {
+ // If the value is not specified, default to "private" on cgroups v2 and "host" on cgroups v1.
+ unified, err := cgroups.IsCgroup2UnifiedMode()
+ if err != nil {
+ return err
+ }
+ if unified {
+ cgroupMode = "private"
+ } else {
+ cgroupMode = "host"
+ }
+ }
if cgroupMode.IsNS() {
return g.AddOrReplaceLinuxNamespace(string(spec.CgroupNamespace), NS(string(cgroupMode)))
}