[libvirt] [PATCH] qemu: Support for overriding NPROC limit
Jiri Denemark
jdenemar at redhat.com
Wed Apr 6 11:21:16 UTC 2011
On Tue, Apr 05, 2011 at 14:12:03 -0600, Eric Blake wrote:
> On 04/05/2011 01:46 PM, Jiri Denemark wrote:
> > On Tue, Apr 05, 2011 at 09:28:00 -0600, Eric Blake wrote:
> >> On 04/05/2011 08:09 AM, Jiri Denemark wrote:
> >>> This patch adds max_processes option to qemu.conf which can be used to
> >>> override system default limit on number of processes that are allowed to
> >>> be running for qemu user.
> >
> > Actually it's important that we call setrlimit() before dropping root
> > privileges since only such process can increase the limit.
>
> Makes sense.
>
> >
> > The NPROC limit is pretty confusing since it logically doesn't fit in
> > setrlimit and by it gets unnatural behavior as a result of it being set via
> > setrlimit. It only affects the limit seen by current process which will soon
> > be executing qemu code.
>
> Yeah, there's no real way to confine the absolute number of processes
> owned by a single uid using just process inheritance; setrlimit only
> affects the number of processes that can be forked within a given hierarchy.
>
> At any rate, this patch is certainly better than what was previously
> available, I didn't see anything wrong with it, and you answered my
> question, so:
>
> ACK.
Thanks, pushed.
Jirka
More information about the libvir-list
mailing list