fix(podman): pass bare RLIMIT type ("NOFILE") to specgen

Podman's addRlimits (pkg/specgen/generate/oci.go) prepends "RLIMIT_" to
whatever Type we pass before handing the spec to runc. Setting
Type="RLIMIT_NOFILE" yielded "RLIMIT_RLIMIT_NOFILE" in the final OCI
bundle, which runc rejects with:

    runc create failed: wrong rlimit value: RLIMIT_RLIMIT_NOFILE

Pass the bare suffix "NOFILE" so podman appends the prefix exactly once.
Docker's path is unaffected — it uses units.Ulimit{Name: "nofile"}.

Author: skylenet

pkg/podman/podman.go

@@ -254,10 +254,14 @@ func (m *manager) CreateContainer(
 
 	// Bump RLIMIT_NOFILE to the kernel's hard ceiling so EL clients
 	// don't trip "too many open files" errors during long benchmark
-	// runs. Applied to every container we create.
+	// runs. Applied to every container we create. Note: Podman's
+	// addRlimits prepends "RLIMIT_" to whatever Type we pass, so the
+	// value here must be the bare suffix ("NOFILE"), not the full
+	// "RLIMIT_NOFILE" — passing the full form yields RLIMIT_RLIMIT_NOFILE
+	// at the OCI runtime layer, which runc rejects.
 	nofile := docker.HostMaxNofile()
 	s.Rlimits = append(s.Rlimits, specs.POSIXRlimit{
-		Type: "RLIMIT_NOFILE",
+		Type: "NOFILE",
 		Hard: nofile,
 		Soft: nofile,
 	})