I think it's intentional. Glibc's get_nprocs() looks at /sys/devices/system/cpu/online first, which just always reports the global CPU count – nspawn does not attempt to hide that. (And arguably _NPROCESSORS_ONLN does say "processors *online*," not processors available, so the /sys number is correct...)
If the /sys path were not available, glibc would be using sched_getaffinity() which does report the per-process "allowed CPU" information (at least through `taskset` as far as I can see). I'd also try coreutils `nproc`, in v9.8 it learned how to look at the cgroup-based CPU quotas (cpu.max). On Sun, Dec 28, 2025 at 12:37 PM Sietse van Zanen <[email protected]> wrote: > Hi, > > > > When running a systemd nspawn container configured with: AllowedCPUs=x-y > > Running getconf _NPROCESSORS_ONLN in the container returns the nr. of > processors in the system instead of the nr of allowed cpus. > > Is this by design? If so how can I get the nr of cpu’s the container is > actually allowed to use? > > > > -Sietse > > > > >
