diff --git a/pkg/specgen/generate/validate.go b/pkg/specgen/generate/validate.go index 10997a202c..14a50c3c6a 100644 --- a/pkg/specgen/generate/validate.go +++ b/pkg/specgen/generate/validate.go @@ -5,12 +5,14 @@ import ( "fmt" "os" "path/filepath" + "reflect" "github.com/containers/common/pkg/cgroups" "github.com/containers/common/pkg/sysinfo" "github.com/containers/podman/v4/pkg/rootless" "github.com/containers/podman/v4/pkg/specgen" "github.com/containers/podman/v4/utils" + "github.com/opencontainers/runtime-spec/specs-go" ) // Verify resource limits are sanely set when running on cgroup v1. @@ -19,13 +21,16 @@ func verifyContainerResourcesCgroupV1(s *specgen.SpecGenerator) ([]string, error sysInfo := sysinfo.New(true) - if s.ResourceLimits != nil && rootless.IsRootless() { - s.ResourceLimits = nil - warnings = append(warnings, "Resource limits are not supported and ignored on cgroups V1 rootless systems") + // If ResourceLimits is nil, return without warning + resourceNil := &specgen.SpecGenerator{} + resourceNil.ResourceLimits = &specs.LinuxResources{} + if s.ResourceLimits == nil || reflect.DeepEqual(s.ResourceLimits, resourceNil.ResourceLimits) { + return nil, nil } - if s.ResourceLimits == nil { - return warnings, nil + // Cgroups V1 rootless system does not support Resource limits + if rootless.IsRootless() { + return []string{"Resource limits are not supported and ignored on cgroups V1 rootless systems"}, nil } if s.ResourceLimits.Unified != nil { diff --git a/test/system/700-play.bats b/test/system/700-play.bats index e1f9961953..e1a010441a 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -236,7 +236,6 @@ EOF } @test "podman kube --network" { - skip_if_rootless_cgroupsv1 "Test will never be supported, see #17582." TESTDIR=$PODMAN_TMPDIR/testdir mkdir -p $TESTDIR echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml