[libvirt] [PATCH] qemu: Support for overriding NPROC limit

Eric Blake eblake at redhat.com
Tue Apr 5 20:12:03 UTC 2011


On 04/05/2011 01:46 PM, Jiri Denemark wrote:
> On Tue, Apr 05, 2011 at 09:28:00 -0600, Eric Blake wrote:
>> On 04/05/2011 08:09 AM, Jiri Denemark wrote:
>>> This patch adds max_processes option to qemu.conf which can be used to
>>> override system default limit on number of processes that are allowed to
>>> be running for qemu user.
> 
> Actually it's important that we call setrlimit() before dropping root
> privileges since only such process can increase the limit.

Makes sense.

> 
> The NPROC limit is pretty confusing since it logically doesn't fit in
> setrlimit and by it gets unnatural behavior as a result of it being set via
> setrlimit. It only affects the limit seen by current process which will soon
> be executing qemu code.

Yeah, there's no real way to confine the absolute number of processes
owned by a single uid using just process inheritance; setrlimit only
affects the number of processes that can be forked within a given hierarchy.

At any rate, this patch is certainly better than what was previously
available, I didn't see anything wrong with it, and you answered my
question, so:

ACK.

-- 
Eric Blake   eblake at redhat.com    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20110405/45b1108b/attachment-0001.sig>


More information about the libvir-list mailing list