From 76f8efc0d0d7a697a4821d01f3c5dbf67bf33d8e Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Mon, 11 May 2020 12:53:13 +0200
Subject: spec: fix order for setting rlimits

also make sure that the limits we set for rootless are not higher than
what we'd set for root containers.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 pkg/spec/spec.go               | 20 ++++++++++++++------
 test/e2e/generate_kube_test.go |  1 -
 test/e2e/play_kube_test.go     |  1 -
 3 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go
index 77e92ae29..25cad9578 100644
--- a/pkg/spec/spec.go
+++ b/pkg/spec/spec.go
@@ -545,10 +545,14 @@ func addRlimits(config *CreateConfig, g *generate.Generator) error {
 			if err := unix.Getrlimit(unix.RLIMIT_NOFILE, &rlimit); err != nil {
 				logrus.Warnf("failed to return RLIMIT_NOFILE ulimit %q", err)
 			}
-			current = rlimit.Cur
-			max = rlimit.Max
+			if rlimit.Cur < current {
+				current = rlimit.Cur
+			}
+			if rlimit.Max < max {
+				max = rlimit.Max
+			}
 		}
-		g.AddProcessRlimits("RLIMIT_NOFILE", current, max)
+		g.AddProcessRlimits("RLIMIT_NOFILE", max, current)
 	}
 	if !nprocSet {
 		max := kernelMax
@@ -558,10 +562,14 @@ func addRlimits(config *CreateConfig, g *generate.Generator) error {
 			if err := unix.Getrlimit(unix.RLIMIT_NPROC, &rlimit); err != nil {
 				logrus.Warnf("failed to return RLIMIT_NPROC ulimit %q", err)
 			}
-			current = rlimit.Cur
-			max = rlimit.Max
+			if rlimit.Cur < current {
+				current = rlimit.Cur
+			}
+			if rlimit.Max < max {
+				max = rlimit.Max
+			}
 		}
-		g.AddProcessRlimits("RLIMIT_NPROC", current, max)
+		g.AddProcessRlimits("RLIMIT_NPROC", max, current)
 	}
 
 	return nil
diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go
index 1650831a5..389f2c822 100644
--- a/test/e2e/generate_kube_test.go
+++ b/test/e2e/generate_kube_test.go
@@ -21,7 +21,6 @@ var _ = Describe("Podman generate kube", func() {
 	)
 
 	BeforeEach(func() {
-		SkipIfRootlessV2()
 		tempdir, err = CreateTempDirInTempDir()
 		if err != nil {
 			os.Exit(1)
diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go
index fa943c12f..9daf266b8 100644
--- a/test/e2e/play_kube_test.go
+++ b/test/e2e/play_kube_test.go
@@ -217,7 +217,6 @@ var _ = Describe("Podman generate kube", func() {
 	)
 
 	BeforeEach(func() {
-		SkipIfRootlessV2()
 		tempdir, err = CreateTempDirInTempDir()
 		if err != nil {
 			os.Exit(1)
-- 
cgit v1.2.3-54-g00ecf