fix VNC pid exhaustion: remove bluez loop, raise machine.slice limit
kded5 was activating org.bluez.obex in a tight loop (no BT hardware in container), spawning thousands of obexd threads until the libpod scope hit its TasksMax=9286 systemd default — causing fork failures and a 502. - vnc-desktop/Dockerfile: purge bluez/bluez-obexd and delete D-Bus service activation files so kded5 can't trigger the loop - linux.nix: machine.slice TasksMax=infinity so the libpod scope ceiling can't be hit by legitimate KDE thread counts - linux.nix: containers.conf pids_limit=0 (unlimited) to let podman pass TasksMax=infinity to new container scopes pids.current went from 9286 (exhausted) to 159 after the fix. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
parent
9a6bbc8015
commit
855f5dbded
2 changed files with 11 additions and 3 deletions
|
|
@ -208,9 +208,11 @@ in {
|
|||
defaultNetwork.settings.dns_enabled = true;
|
||||
};
|
||||
|
||||
# KDE Plasma spawns many threads; raise the default container pids limit (2048) to
|
||||
# avoid "Thread creation error: Resource temporarily unavailable" in the VNC container.
|
||||
virtualisation.containers.containersConf.settings.containers.pids_limit = 8192;
|
||||
# KDE Plasma spawns many threads (and obexd loops without Bluetooth hardware).
|
||||
# The libpod scope for each container inherits systemd's DefaultTasksMax (~9286);
|
||||
# raise machine.slice to infinity so podman scopes aren't capped.
|
||||
systemd.slices.machine.sliceConfig.TasksMax = "infinity";
|
||||
virtualisation.containers.containersConf.settings.containers.pids_limit = 0;
|
||||
|
||||
virtualisation.oci-containers = {
|
||||
backend = "podman";
|
||||
|
|
|
|||
|
|
@ -15,6 +15,12 @@ RUN apt-get update && apt-get install -y \
|
|||
openssh-client \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Remove Bluetooth stack — obexd gets activated in a tight loop by kded5
|
||||
# inside the container (no BT hardware), which exhausts the process limit.
|
||||
RUN apt-get purge -y --auto-remove bluez bluez-obexd 2>/dev/null || true; \
|
||||
rm -f /usr/share/dbus-1/services/org.bluez.obex.service \
|
||||
/usr/share/dbus-1/system-services/org.bluez.service
|
||||
|
||||
COPY start.sh /start.sh
|
||||
RUN chmod +x /start.sh
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue