Preserve the host's ulimits when creating toolbox containers

Since Podman supports '--ulimit host' only from version 1.5.0, which is newer than the minimum required version of 1.4.0, this only works if a new enough Podman is available. https://github.com/debarshiray/toolbox/issues/213
2019-07-23 13:12:16 +02:00 · 2019-07-23 13:12:16 +02:00 · 44bfa7d304
commit 44bfa7d304
parent 49163a89aa
1 changed files with 10 additions and 0 deletions
--- a/10
+++ b/10
@ -692,6 +692,7 @@ create()
    monitor_host=""
    no_hosts=""
    toolbox_profile_bind=""
+    ulimit_host=""

    # shellcheck disable=SC2153
    if [ "$DBUS_SYSTEM_BUS_ADDRESS" != "" ]; then
@ -750,6 +751,14 @@ create()
        monitor_host="--monitor-host"
    fi

+    echo "$base_toolbox_command: checking if 'podman create' supports --ulimit host" >&3
+
+    if man podman-create 2>&3 | grep "You can pass host" >/dev/null 2>&3; then
+        echo "$base_toolbox_command: 'podman create' supports --ulimit host" >&3
+
+        ulimit_host="--ulimit host"
+    fi
+
    if ! pull_base_toolbox_image; then
        return 1
    fi
@ -841,6 +850,7 @@ create()
            --pid host \
            --privileged \
            --security-opt label=disable \
+            $ulimit_host \
            --userns=keep-id \
            --user root:root \
            $flatpak_system_directory_bind \