Score:1

Ubuntu

How can I enable resource limit delegation for my not-root user using cgroups?

87dsf897w6543d54fsdf

10/7/23, 6:17 AM

I am trying to set up resource limit delegation for a specific user myuser on Ubuntu 20.04.5. The point is that I need to be able to control resource limits when running my rootless Podman container.

However, despite the numerous online tutorials on cgroups, I am at a loss as to how I'm supposed to achieve this.

On the official Podman website, it says that I can verify whether resource limit delegation is enabled by running the following command:

cat "/sys/fs/cgroup/user.slice/user-$(id -u).slice/user@$(id -u).service/cgroup.controllers"

But the user.slice folder doesn't exist. Then it says that in any case I can enable resource limit delegation for all users by modifying the file:

/etc/systemd/system/user@.service.d/delegate.conf

But the user@.service.d folder doesn't exist. Then I'm being told that I maybe need to install the libcgroup package, but when I run

apt-get install libcgroup

I get

Unable to locate package libcgroup

So what am I supposed to do to enable cgroups on Ubuntu 20.04.5 and set up resource limit delegation for myuser?

Please help...

305

0 + 11

command-line

kernel

cgroup

resource-limiting

20.04

mchid

10/7/23, 6:33 AM

`find /sys/fs/cgroup/* | grep "user@$(id -u).service/cgroup.controllers"` shows that it's located at `/sys/fs/cgroup/unified/user.slice/user-$(id -u).slice/user@$(id -u).service/cgroup.controllers`

87dsf897w6543d54fsdf

10/7/23, 6:38 AM

@mchid Thank you for that. But after modifying my `cat...` command, I get an empty return value, i.e., can't delegate resource limits for that user. And the `delegate.conf` file is not existing anywhere.

mchid

10/7/23, 6:49 AM

[Would something like this work?](https://askubuntu.com/questions/557843/looking-for-a-consistent-way-to-configure-cgroups-on-ubuntu-14-04-desktop) You would need to install `cgroup-tools` Also, the package you were looking for is `libcgroup1` instead of `libcgroup` for some reason. Run `apt-cache search cgroup | grep cgroup` to list related packages.

mchid

10/7/23, 6:51 AM

If you're not a `vi` user, just use `nano` instead and you probably need to use `sudo` to run the commands in the linked answer or as root.

87dsf897w6543d54fsdf

10/7/23, 6:56 AM

@mchid Thanks for that, now I was able to install the `libcgroup` package. But still, there is no `/etc/cgrules.conf` file. And still no `delegate.conf` file. I installed both the `libcgroup1` and `cgroup-tools` packages.

mchid

10/7/23, 7:12 AM

You sure? `/etc/cgrules.conf` [should be provided by the `cgroup-tools` package](https://packages.ubuntu.com/search?suite=focal&arch=any&mode=exactfilename&searchon=contents&keywords=cgrules.conf).

mchid

10/7/23, 7:15 AM

Also, I couldn't find a delegate.conf file anywhere from any package. Unless it's a file that you create manually. Not sure the method they were using in the tutorial but using the `/etc/cgrules.conf` file seems pretty straightforward. If possible, you might be able to use that instead of the delegate file.

87dsf897w6543d54fsdf

10/7/23, 7:18 AM

@mchid Indeed, but the file is located at `/usr/share/doc/cgroup-tools/examples/cgrules.conf` instead of `/etc/cgrules.conf`. That seems strange, especially that it's inside a folder named `examples`. Am I supposed to copy that into `/etc/`? Why is there so little documentation on this? It's confusing, every step of the way.

mchid

10/7/23, 7:20 AM

Yeah, the `cgrules.conf` file is an **example file** located at `/usr/share/doc/cgroup-tools/examples/cgrules.conf` You can look to this file for examples. All you have to do is create your own file at `/etc/cgrules.conf` If the example configuration is what you want then copy the file to `/etc/cgrules.conf` and you can use that as a template.

mchid

10/7/23, 7:22 AM

The example shown in [the other answer](https://askubuntu.com/questions/557843/looking-for-a-consistent-way-to-configure-cgroups-on-ubuntu-14-04-desktop) does not use the example file as a template and appears to only set limits for a `groupname:username`

87dsf897w6543d54fsdf

10/7/23, 7:30 AM

@mchid Thanks for that. I will try that now. After modifying the file, am I supposed to restart some service? I don't see anything related to `cgroup`s or `cgconfig`s in the list of services, even though several tutorials suggest executing `service cgconfig restart`

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How can I enable resource limit delegation for my not-root user using cgroups?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.