From fb88074e68db25474290535e8a778e39434cc2a2 Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Wed, 3 Jul 2019 18:18:02 +0200
Subject: podman: add --ulimit host

add a simple way to copy ulimit values from the host.

if --ulimit host is used then the current ulimits in place are copied
to the container.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 pkg/spec/spec_linux.go | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 pkg/spec/spec_linux.go

(limited to 'pkg/spec/spec_linux.go')

diff --git a/pkg/spec/spec_linux.go b/pkg/spec/spec_linux.go
new file mode 100644
index 000000000..fcdfc5c4e
--- /dev/null
+++ b/pkg/spec/spec_linux.go
@@ -0,0 +1,42 @@
+//+build linux
+
+package createconfig
+
+import (
+	"syscall"
+
+	"github.com/pkg/errors"
+)
+
+type systemRlimit struct {
+	name  string
+	value int
+}
+
+var systemLimits = []systemRlimit{
+	{"RLIMIT_AS", syscall.RLIMIT_AS},
+	{"RLIMIT_CORE", syscall.RLIMIT_CORE},
+	{"RLIMIT_CPU", syscall.RLIMIT_CPU},
+	{"RLIMIT_DATA", syscall.RLIMIT_DATA},
+	{"RLIMIT_FSIZE", syscall.RLIMIT_FSIZE},
+	{"RLIMIT_NOFILE", syscall.RLIMIT_NOFILE},
+	{"RLIMIT_STACK", syscall.RLIMIT_STACK},
+}
+
+func getHostRlimits() ([]systemUlimit, error) {
+	ret := []systemUlimit{}
+	for _, i := range systemLimits {
+		var l syscall.Rlimit
+		if err := syscall.Getrlimit(i.value, &l); err != nil {
+			return nil, errors.Wrapf(err, "cannot read limits for %s", i.name)
+		}
+		s := systemUlimit{
+			name: i.name,
+			max:  l.Max,
+			cur:  l.Cur,
+		}
+		ret = append(ret, s)
+	}
+	return ret, nil
+
+}
-- 
cgit v1.2.3-54-g00ecf