| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In case os.Open[File], os.Mkdir[All], ioutil.ReadFile and the like
fails, the error message already contains the file name and the
operation that fails, so there is no need to wrap the error with
something like "open %s failed".
While at it
- replace a few places with os.Open, ioutil.ReadAll with
ioutil.ReadFile.
- replace errors.Wrapf with errors.Wrap for cases where there
are no %-style arguments.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| |
|
|
|
|
|
| |
We can use this constant from the already existing sys/unix package
instead of defining it by our own.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
when running in rootless mode and using systemd as cgroup manager
create automatically a systemd scope when the user doesn't own the
current cgroup.
This solves a couple of issues:
on cgroup v2 it is necessary that a process before it can moved to a
different cgroup tree must be in a directory owned by the unprivileged
user. This is not always true, e.g. when creating a session with su
-l.
Closes: https://github.com/containers/libpod/issues/3937
Also, for running systemd in a container it was before necessary to
specify "systemd-run --scope --user podman ...", now this is done
automatically as part of this PR.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
provide a package for managing cgroups. This is not supposed to be a
complete implementation with all the features supported by cgroups,
but it is a minimal implementation designed around what libpod needs
and it is currently using.
For example, it is currently possible to Apply only the pids limit,
as it is used by libpod for stopping containers, any other Apply will
just fail.
The main goal here is to have a minimal library where we have full
control, so we can start playing with cgroup v2.
When the need arises, we can add more features.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
