From 541ec33075f9f2461b5286592312d2b50295ad32 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 13 Nov 2015 19:38:40 +0100
Subject: [PATCH] nspawn: set TasksMax= for containers to 8192 by default

---
 src/nspawn/nspawn-register.c     | 4 ++++
 units/systemd-nspawn@.service.in | 1 +
 2 files changed, 5 insertions(+)

diff --git a/src/nspawn/nspawn-register.c b/src/nspawn/nspawn-register.c
index 374f958c203..50871464c52 100644
--- a/src/nspawn/nspawn-register.c
+++ b/src/nspawn/nspawn-register.c
@@ -105,6 +105,10 @@ int register_machine(
                                 return bus_log_create_error(r);
                 }
 
+                r = sd_bus_message_append(m, "(sv)", "TasksMax", "t", 8192);
+                if (r < 0)
+                        return bus_log_create_error(r);
+
                 r = sd_bus_message_append(m, "(sv)", "DevicePolicy", "s", "strict");
                 if (r < 0)
                         return bus_log_create_error(r);
diff --git a/units/systemd-nspawn@.service.in b/units/systemd-nspawn@.service.in
index 2e79adff447..eb10343ac61 100644
--- a/units/systemd-nspawn@.service.in
+++ b/units/systemd-nspawn@.service.in
@@ -20,6 +20,7 @@ RestartForceExitStatus=133
 SuccessExitStatus=133
 Slice=machine.slice
 Delegate=yes
+TasksMax=8192
 
 # Enforce a strict device policy, similar to the one nspawn configures
 # when it allocates its own scope unit. Make sure to keep these
-- 
2.47.3