Oh right, I see now.. too early to comment as usual :(
The problem is that you are setting up a "privileged" container for MAAS which does not use UID mapping, hence the issue shows up in the MAAS workflow but not with a normal container deployment.
The rlimit-nproc is simply set in /etc/avahi/avahi-daemon.conf, so can easily be tweaked in the package. I believe the idea behind it originally is basically to ensure that avahi cannot be used to execute something else, despite all the chrooting, etc - even if there was a way. Essentially blocking further forking. For that reason, probably makes most sense to simply remove the limit rather than increase it by any given number.
Oh right, I see now.. too early to comment as usual :(
The problem is that you are setting up a "privileged" container for MAAS which does not use UID mapping, hence the issue shows up in the MAAS workflow but not with a normal container deployment.
The rlimit-nproc is simply set in /etc/avahi/ avahi-daemon. conf, so can easily be tweaked in the package. I believe the idea behind it originally is basically to ensure that avahi cannot be used to execute something else, despite all the chrooting, etc - even if there was a way. Essentially blocking further forking. For that reason, probably makes most sense to simply remove the limit rather than increase it by any given number.