LimitCORE in service file not honored

[hummerbliss]

Environment

rkt Version: 1.29.0
appc Version: 0.8.11
Go Version: go1.8.3
Go OS/Arch: linux/amd64
Features: -TPM +SDJOURNAL
--
Linux 4.4.0-116-generic x86_64
--
NAME="Ubuntu"
VERSION="16.04.4 LTS (Xenial Xerus)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 16.04.4 LTS"
VERSION_ID="16.04"
HOME_URL="http://www.ubuntu.com/"
SUPPORT_URL="http://help.ubuntu.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
VERSION_CODENAME=xenial
UBUNTU_CODENAME=xenial
--
systemd 229
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN

What did you do?

$ cat foo.service
[Unit]
Description=Test Service

[Service]
Slice=machine.slice
ExecStart=/usr/bin/rkt run --debug --net=host coreos.com/etcd
KillMode=mixed
Restart=always
LimitCORE=0

systemctl start foo.service

What did you expect to see? The process started in the container should have "Max core file size" set to 0 in /proc/pid/limits

What did you see instead? Output of cat /proc/$(pidof etcd)/limits

Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds
Max file size             unlimited            unlimited            bytes
Max data size             unlimited            unlimited            bytes
Max stack size            8388608              unlimited            bytes
Max core file size        unlimited            unlimited            bytes

[hummerbliss]

Hello - anyother way to limit corefile size of process in the container ? The only option I can think of is running ulimit inside the container. But that would mean ExecStart needs to be a script instead of binary.

[lucab]

This is likely a duplicate of https://github.com/rkt/rkt/issues/2717.