From owner-freebsd-rc@FreeBSD.ORG Mon Apr 29 23:33:52 2013 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 7876D692 for ; Mon, 29 Apr 2013 23:33:52 +0000 (UTC) (envelope-from rabe@uugrn.org) Received: from mx1.uugrn.org (mx1.uugrn.org [IPv6:2a03:2500:2::172:17]) by mx1.freebsd.org (Postfix) with ESMTP id EA3411E64 for ; Mon, 29 Apr 2013 23:33:51 +0000 (UTC) Received: from rabe.uugrn.org (rabe.uugrn.org [IPv6:2a03:2500:1:6:19::]) by mx1.uugrn.org (8.14.5/8.14.5) with ESMTP id r3TNXjVb029880 for ; Tue, 30 Apr 2013 01:33:50 +0200 (CEST) (envelope-from rabe@uugrn.org) Received: from rabox.fritz.box (rabe@rabe.uugrn.org [164.177.171.25]) by rabe.uugrn.org (8.14.5/8.14.5) with ESMTP id r3TNXia6018435 for ; Tue, 30 Apr 2013 01:33:45 +0200 (CEST) (envelope-from rabe@uugrn.org) Received: from rabox.fritz.box (localhost [127.0.0.1]) by rabox.fritz.box (8.14.4/8.14.4/Debian-2.1ubuntu1) with ESMTP id r3TNXiDd008419 for ; Tue, 30 Apr 2013 01:33:44 +0200 Received: (from rabe@localhost) by rabox.fritz.box (8.14.4/8.14.4/Submit) id r3TNXiY3008418 for freebsd-rc@freebsd.org; Tue, 30 Apr 2013 01:33:44 +0200 X-Authentication-Warning: rabox.fritz.box: rabe set sender to rabe@uugrn.org using -f Date: Tue, 30 Apr 2013 01:33:44 +0200 From: Raphael Eiselstein To: freebsd-rc@freebsd.org Subject: How to set resource limits (ulimit) per service with /etc/rc.subr and /etc/rc.conf Message-ID: <20130429233344.GA4769@ma.sigsys.de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Qxx1br4bt0+wmkIi" Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Apr 2013 23:33:52 -0000 --Qxx1br4bt0+wmkIi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi everyone, we have some generic parameters for rc-scripts like=20 ${name}_program ${name}_chroot ${name}_flags ${name}_nice ${name}_user any many more. I'm looking for a way to configure different ulimits per service. It seems we have nothing about "ulimit" somewhere in /etc. I'd like to have a unique way to configure resource limits, hard and soft limits. Resource limits can be set within a script for the current process by=20 "ulimit [-HSabcdflmnpstuvw] [limit]" but not as a parameterised wrapper like "nice" or "chroot" or "su", so prepeding just another "ulimit" wrapper seems not to be an option. Is there a unique way to have resource limits per service? I didn't find any. AFAICS we have two options handling this: #1 writing a /bin/sh wrapper prepeding ${_doit} containing ulimit commands #2 having (someone) to build up a generic binary like nice(1) getting limit-parameters by commandline before execve'ing the final command, e.g.= =20 limitsh -Hv 20480 -Sv 10240 -n 300 -c command args Problem: shells shoud implement "-c command args" and ulimit uses -c for coredumpsize in 512byte blocks. To get around this: -Hc and -Sc are=20 hard/soft limits to corefilesize, a single "-c" is always the command-string like in sh(1)=20 Any ideas? Did I miss something? Regards Raphael --=20 Raphael Eiselstein http://rabe.uugrn.org/ xmpp:freibyter@gmx.de | https://www.xing.com/profile/Raphael_Eiselstein = =20 GnuPG: E7B2 1D66 3AF2 EDC7 9828 6D7A 9CDA 3E7B 10CA 9F2D =2E........|.........|.........|.........|.........|.........|.........|.. --Qxx1br4bt0+wmkIi Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAlF/A1gACgkQnNo+exDKny15xgCdGu4JBVzlCEra1zFX6blcoGY2 QAIAmwb+rwyklz1BbZelAGLJEfDlUu9A =/jbn -----END PGP SIGNATURE----- --Qxx1br4bt0+wmkIi--