summaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
Diffstat (limited to 'pkg')
-rw-r--r--pkg/domain/infra/abi/system.go17
1 files changed, 16 insertions, 1 deletions
diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go
index 0faae01c8..3389abd88 100644
--- a/pkg/domain/infra/abi/system.go
+++ b/pkg/domain/infra/abi/system.go
@@ -67,6 +67,22 @@ func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) {
}
func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) error {
+ runsUnderSystemd := utils.RunsOnSystemd()
+ if !runsUnderSystemd {
+ isPid1 := os.Getpid() == 1
+ if _, found := os.LookupEnv("container"); isPid1 || found {
+ if err := utils.MaybeMoveToSubCgroup(); err != nil {
+ // it is a best effort operation, so just print the
+ // error for debugging purposes.
+ logrus.Debugf("Could not move to subcgroup: %v", err)
+ }
+ }
+ }
+
+ if !rootless.IsRootless() {
+ return nil
+ }
+
// do it only after podman has already re-execed and running with uid==0.
hasCapSysAdmin, err := unshare.HasCapSysAdmin()
if err != nil {
@@ -82,7 +98,6 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool)
if err != nil {
return err
}
- runsUnderSystemd := utils.RunsOnSystemd()
unitName := fmt.Sprintf("podman-%d.scope", os.Getpid())
if runsUnderSystemd || conf.Engine.CgroupManager == config.SystemdCgroupsManager {
if err := utils.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil {