[Bug 1830746] Re: memlock setting in systemd (pid 1) too low for containers (bionic)

Guilherme G. Piccoli 1830746 at bugs.launchpad.net
Thu Sep 10 21:03:15 UTC 2020 

Hi Sebastian, thanks for offering help. And thanks of course Kees for reporting the issue!
Recently we faced a build breakage of cryptsetup package narrowed to this issue: https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1891473

I intend to bump this limit to 64M to match recent releases; I'm using
the upstream systemd commit for this:
https://github.com/systemd/systemd/commit/91cfdd8d29

Cheers,


Guilherme

** Changed in: systemd (Ubuntu Cosmic)
       Status: Confirmed => Won't Fix

** Changed in: systemd (Ubuntu)
   Importance: Undecided => High

** Changed in: systemd (Ubuntu Bionic)
   Importance: Undecided => High

** Changed in: systemd (Ubuntu Cosmic)
   Importance: Undecided => High

** Changed in: systemd (Ubuntu)
     Assignee: (unassigned) => Guilherme G. Piccoli (gpiccoli)

** Changed in: systemd (Ubuntu Disco)
   Importance: Undecided => High

** Changed in: systemd (Ubuntu Eoan)
   Importance: Undecided => High

** Changed in: systemd (Ubuntu Bionic)
     Assignee: (unassigned) => Guilherme G. Piccoli (gpiccoli)

** Changed in: systemd (Ubuntu Cosmic)
     Assignee: (unassigned) => Guilherme G. Piccoli (gpiccoli)

** Changed in: systemd (Ubuntu Disco)
     Assignee: (unassigned) => Guilherme G. Piccoli (gpiccoli)

** Changed in: systemd (Ubuntu Eoan)
     Assignee: (unassigned) => Guilherme G. Piccoli (gpiccoli)

** Changed in: systemd (Ubuntu Bionic)
       Status: Confirmed => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1830746

Title:
  memlock setting in systemd (pid 1) too low for containers (bionic)

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Bionic:
  In Progress
Status in systemd source package in Cosmic:
  Won't Fix
Status in systemd source package in Disco:
  Won't Fix
Status in systemd source package in Eoan:
  Fix Released

Bug description:
  See also https://discuss.linuxcontainers.org/t/limits-kernel-memlock-
  cannot-exceed-16777216/4856/5

  In containers, the limits.kernel.memlock cannot exceed 16777216 when
  the container is bionic. The memlock setting is set to 16M in systemd
  and cannot be bumped up in an unprivileged container.

  This is fixed in upstream systemd.

  Container ubuntu version:
  Distributor ID:	Ubuntu
  Description:	Ubuntu 18.04.2 LTS
  Release:	18.04
  Codename:	bionic

  systemd package version: 237-3ubuntu10.21

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1830746/+subscriptions

More information about the foundations-bugs mailing list