From bd63a252f3095274e35c9ab2f5d51f833dd89619 Mon Sep 17 00:00:00 2001
From: Daniel J Walsh
Date: Mon, 17 Aug 2020 16:24:56 -0400
Subject: Don't limit the size on /run for systemd based containers

We had a customer incident where they ran out of space on /run. If you don't specify size, it will be still limited to 50% or memory available in the cgroup the container is running in. If the cgroup is unlimited then the /run will be limited to 50% of the total memory on the system. Also /run is mounted on the host as exec, so no reason for us to mount it noexec.

Signed-off-by: Daniel J Walsh
---
 cmd/podman/common/volumes.go | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-) (limited to 'cmd/podman/common')

diff --git a/cmd/podman/common/volumes.go b/cmd/podman/common/volumes.go
index 20c31bd81..ca0b10765 100644
--- a/cmd/podman/common/volumes.go
+++ b/cmd/podman/common/volumes.go
@@ -88,17 +88,11 @@ func parseVolumes(volumeFlag, mountFlag, tmpfsFlag []string, addReadOnlyTmpfs bo
 if _, ok := unifiedVolumes[dest]; ok {
 continue
 }
- localOpts := options
- if dest == "/run" {
- localOpts = append(localOpts, "noexec", "size=65536k")
- } else {
- localOpts = append(localOpts, "exec")
- }
 unifiedMounts[dest] = spec.Mount{
 Destination: dest,
 Type: TypeTmpfs,
 Source: "tmpfs",
- Options: localOpts,
+ Options: options,
 }
 }
 }
-- cgit v1.2.3-54-g00ecf
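Review bot: The new `Options: options` line applies to every tmpfs destination in this loop, so the explicit `exec` that the removed else-branch appended for destinations other than /run is dropped as well, which the commit message does not mention. Whether those mounts remain executable, and how far /run can grow, now rests on what `options` contains and on the tmpfs defaults; `options` is defined outside this hunk (parseVolumes starts and ends beyond it), so that cannot be confirmed from here. Since the message states an unlimited cgroup lets /run reach 50% of system memory, a comment above the struct literal would record the trade-off, for example `// No size= or exec/noexec here: tmpfs defaults apply; size is bounded only by the cgroup memory limit, if any.` Every mount also holds the same `options` slice now, so if any later code edits one mount's Options in place the others would change too; `Options: append([]string(nil), options...),` would keep them independent.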