Podman REST API /libpod/containers/create "r_limits" is type integer <uint64>

[jgperin]

Issue Description

https://docs.podman.io/en/latest/_static/api.html#tag/containers/operation/ContainerCreateLibpod

r_limits

hard integer
Hard is the hard limit for the specified type

soft integer
Soft is the soft limit for the specified type

There is no direct reference to Ulimits.

#19879

In PR 19879 Podman added support for passing Ulimits as -1 to mean min / max

Steps to reproduce the issue

/podman-py
containers_create
https://github.com/containers/podman-py/blob/main/podman/domain/containers_create.py

        for item in args.pop("ulimits", []):
            params["r_limits"].append(
                {
                    "type": item["Name"],
                    "hard": item["Hard"],
                    "soft": item["Soft"],
                }
            )

Code Example

client.containers.create(image=img, command=['/bin/bash'], ulimits=[{"Name": "memlock", "Soft": -1, "Hard": -1}])

Describe the results you received

podman.errors.exceptions.APIError: 500 Server Error: Internal Server Error (decode(): json: cannot unmarshal number -1 into Go struct field POSIXRlimit.r_limits.hard of type uint64)

Describe the results you expected

Expected successful creation of container with memlock min/max set to maximum values.

podman info output

[root@omitted]# podman info
host:
  arch: amd64
  buildahVersion: 1.33.11
  cgroupControllers:
  - cpuset
  - cpu
  - cpuacct
  - blkio
  - memory
  - devices
  - freezer
  - net_cls
  - perf_event
  - net_prio
  - hugetlb
  - pids
  - rdma
  cgroupManager: systemd
  cgroupVersion: v1
  conmon:
    package: conmon-2.1.10-1.module+el8.10.0+90449+0b7c8529.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.10, commit: 753128cb76d643886a978dba99fab8017289372d'
  cpuUtilization:
    idlePercent: 99.97
    systemPercent: 0.01
    userPercent: 0.02
  cpus: 56
  databaseBackend: sqlite
  distribution:
    distribution: ol
    variant: server
    version: "8.3"
  eventLogger: file
  freeLocks: 2047
  hostname: omitted
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 5.4.17-2011.7.4.el8uek.x86_64
  linkmode: dynamic
  logDriver: k8s-file
  memFree: 142581444608
  memTotal: 200959377408
  networkBackend: cni
  networkBackendInfo:
    backend: cni
    dns:
      package: podman-plugins-4.9.4-18.0.1.module+el8.10.0+90449+0b7c8529.x86_64
      path: /usr/libexec/cni/dnsname
      version: |-
        CNI dnsname plugin
        version: 1.4.0-dev
        commit: unknown
        CNI protocol versions supported: 0.1.0, 0.2.0, 0.3.0, 0.3.1, 0.4.0, 1.0.0
    package: containernetworking-plugins-1.4.0-5.module+el8.10.0+90449+0b7c8529.x86_64
    path: /usr/libexec/cni
  ociRuntime:
    name: runc
    package: runc-1.1.12-5.module+el8.10.0+90449+0b7c8529.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.1.12
      spec: 1.0.2-dev
      go: go1.22.7 (Red Hat 1.22.7-1.module+el8.10.0+90426+810ab996)
      libseccomp: 2.5.2
  os: linux
  pasta:
    executable: ""
    package: ""
    version: ""
  remoteSocket:
    exists: true
    path: /run/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: false
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /bin/slirp4netns
    package: slirp4netns-1.2.0-2.module+el8.8.0+21045+adcb6a64.x86_64
    version: |-
      slirp4netns version 1.2.0
      commit: 656041d45cfca7a4176f6b7eed9e4fe6c11e8383
      libslirp: 4.4.0
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.2
  swapFree: 4294963200
  swapTotal: 4294963200
  uptime: 1341h 26m 16.00s (Approximately 55.88 days)
  variant: ""
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - container-registry.oracle.com
  - docker.io
store:
  configFile: /etc/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 1
    stopped: 0
  graphDriverName: overlay
  graphOptions:
    overlay.mountopt: nodev,metacopy=on
  graphRoot: /var/lib/containers/storage
  graphRootAllocated: 75125227520
  graphRootUsed: 63892619264
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "false"
    Using metacopy: "true"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 33
  runRoot: /run/containers/storage
  transientStore: false
  volumePath: /var/lib/containers/storage/volumes
version:
  APIVersion: 4.9.4-rhel
  Built: 1732729681
  BuiltTime: Wed Nov 27 17:48:01 2024
  GitCommit: ""
  GoVersion: go1.22.7 (Red Hat 1.22.7-1.module+el8.10.0+90426+810ab996)
  Os: linux
  OsArch: linux/amd64
  Version: 4.9.4-rhel

Podman in a container

Yes

Privileged Or Rootless

Privileged

Upstream Latest Release

Yes

Additional environment details

Additional environment details

Additional information

Additional information like issue happens only occasionally or issue happens with a particular architecture or on a particular setting