[libvirt] [PATCH] qemu: Support for overriding NPROC limit
Eric Blake
eblake at redhat.com
Tue Apr 5 20:12:03 UTC 2011
On 04/05/2011 01:46 PM, Jiri Denemark wrote:
> On Tue, Apr 05, 2011 at 09:28:00 -0600, Eric Blake wrote:
>> On 04/05/2011 08:09 AM, Jiri Denemark wrote:
>>> This patch adds max_processes option to qemu.conf which can be used to
>>> override system default limit on number of processes that are allowed to
>>> be running for qemu user.
>
> Actually it's important that we call setrlimit() before dropping root
> privileges since only such process can increase the limit.
Makes sense.
>
> The NPROC limit is pretty confusing since it logically doesn't fit in
> setrlimit and by it gets unnatural behavior as a result of it being set via
> setrlimit. It only affects the limit seen by current process which will soon
> be executing qemu code.
Yeah, there's no real way to confine the absolute number of processes
owned by a single uid using just process inheritance; setrlimit only
affects the number of processes that can be forked within a given hierarchy.
At any rate, this patch is certainly better than what was previously
available, I didn't see anything wrong with it, and you answered my
question, so:
ACK.
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20110405/45b1108b/attachment-0001.sig>
More information about the libvir-list
mailing list