summaryrefslogtreecommitdiff
path: root/pkg/cgroups/cgroups_supported.go
Commit message (Collapse)AuthorAge
* rootless: automatically create a systemd scopeGiuseppe Scrivano2019-09-12
| | | | | | | | | | | | | | | | | | | | | when running in rootless mode and using systemd as cgroup manager create automatically a systemd scope when the user doesn't own the current cgroup. This solves a couple of issues: on cgroup v2 it is necessary that a process before it can moved to a different cgroup tree must be in a directory owned by the unprivileged user. This is not always true, e.g. when creating a session with su -l. Closes: https://github.com/containers/libpod/issues/3937 Also, for running systemd in a container it was before necessary to specify "systemd-run --scope --user podman ...", now this is done automatically as part of this PR. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* pkg: new package cgroupsGiuseppe Scrivano2019-06-26
provide a package for managing cgroups. This is not supposed to be a complete implementation with all the features supported by cgroups, but it is a minimal implementation designed around what libpod needs and it is currently using. For example, it is currently possible to Apply only the pids limit, as it is used by libpod for stopping containers, any other Apply will just fail. The main goal here is to have a minimal library where we have full control, so we can start playing with cgroup v2. When the need arises, we can add more features. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>