summaryrefslogtreecommitdiff
path: root/troubleshooting.md
diff options
context:
space:
mode:
Diffstat (limited to 'troubleshooting.md')
-rw-r--r--troubleshooting.md42
1 files changed, 42 insertions, 0 deletions
diff --git a/troubleshooting.md b/troubleshooting.md
index 4b0f2e1e4..2e0abae21 100644
--- a/troubleshooting.md
+++ b/troubleshooting.md
@@ -644,3 +644,45 @@ $ podman run --read-only --rootfs /path/to/rootfs ....
Another option would be to create an overlay file system on the directory as a lower and then
then allow podman to create the files on the upper.
+
+### 26) Running containers with CPU limits fails with a permissions error
+
+On some systemd-based systems, non-root users do not have CPU limit delegation
+permissions. This causes setting CPU limits to fail.
+
+#### Symptom
+
+Running a container with a CPU limit options such as `--cpus`, `--cpu-period`,
+or `--cpu-quota` will fail with an error similar to the following:
+
+ Error: opening file `cpu.max` for writing: Permission denied: OCI runtime permission denied error
+
+This means that CPU limit delegation is not enabled for the current user.
+
+#### Solution
+
+You can verify whether CPU limit delegation is enabled by running the following command:
+
+ cat "/sys/fs/cgroup/user.slice/user-$(id -u).slice/user@$(id -u).service/cgroup.controllers"
+
+Example output might be:
+
+ memory pids
+
+In the above example, `cpu` is not listed, which means the curent user does
+not have permission to set CPU limits.
+
+If you want to enable CPU limit delegation for all users, you can create the
+file `/etc/systemd/system/user@.service.d/delegate.conf` with the contents:
+
+ [Service]
+ Delegate=memory pids cpu io
+
+After logging out and loggin back in, you should have permission to set CPU
+limits.
+
+### 26) `exec container process '/bin/sh': Exec format error` (or another binary than `bin/sh`)
+
+This can happen when running a container from an image for another architecture than the one you are running on.
+
+For example, if a remote repository only has, and thus send you, a `linux/arm64` _OS/ARCH_ but you run on `linux/amd64` (as happened in https://github.com/openMF/community-app/issues/3323 due to https://github.com/timbru31/docker-ruby-node/issues/564).
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-18 01:59:56 +0000