Re: vm.swap_reserved toooooo large?
George Mamalakis wrote:
> Oliver, thanx for your comments. I know it is difficult to choose which
> process to kill and how to be "fair" during such a killing procedure.
> Nevertheless, I would assume that all non-root processes would have
> higher priority to get killed, and that root's processes would get
> killed last.
The owner of the process is not taken into consideration,
because the "run-away" process causing the memory shortage
may as well be a root-owned process. In such a situation,
if root processes were exempt from killing, the system
would deadlock and require a hard reboot. Killing the
root-owned process is the lesser of two evils.
As I already explained, there is a process flag that root-
owned processes can set for themselves, preventing the
kernel from killing them in low-memory situations. See
the description of the MADV_PROTECT flag in the madvise(2)
manual page. For example, cron(8) and sshd(8) make use of
this, so they will not be killed. This is a better way
than simply excluding all root processes.
> I understand your comments completely, but I was just so
> surprised when I realized how easy it was for me to kill root processes
> on my system.
Only because you didn't configure resource limits. ;-)
When you're the only user on a machine, such as a desktop
box, this is usually not a big deal. But in all other
cases it's strongly recommended to set resource limits,
in particular for shell users and for server processes.
Without any resource limits, a normal user can starve the
system and take it down. This is an old and well-known
problem for all UNIX systems (and most non-UNIX systems,
too, I guess). You certainly didn't discover any new
problem.
If you're concerned, configure resource limits. Period.
Best regards
Oliver
--
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606, Gesch輎tsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht M榀-
chen, HRB 125758, Gesch輎tsf梶rer: Maik Bachmann, Olaf Erb, Ralf Gebhart
FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd
"File names are infinite in length, where infinity is set to 255 characters."
-- Peter Collinson, "The Unix File System"
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 8 之 13 篇):