nspawn: bump RLIMIT_NOFILE for nspawn payload similar to how host PID 1 does it for its payload
We try to pass containers roughly the same rlimits as the host gets from
the kernel. However, this means we'd set the RLIMIT_NOFILE to 4K. Which
is quite limiting though, and is something we actually departed from in
PID1: since
52d620757817bc0fa7de3ddbe43024544ced7ea0 we raise the limit
substantially for all userspace.
Given that nspawn is quite often invoked without proper PID1, let's raise the
limits for container payloads the same way as we do from the real PID1
to its service payloads.
projects / systemd / .git / commit