From owner-freebsd-arch@FreeBSD.ORG Tue Mar 1 17:57:00 2011 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ADA691065670 for ; Tue, 1 Mar 2011 17:57:00 +0000 (UTC) (envelope-from etnapierala@googlemail.com) Received: from mail-fx0-f54.google.com (mail-fx0-f54.google.com [209.85.161.54]) by mx1.freebsd.org (Postfix) with ESMTP id 3F28D8FC19 for ; Tue, 1 Mar 2011 17:56:59 +0000 (UTC) Received: by fxm19 with SMTP id 19so5665549fxm.13 for ; Tue, 01 Mar 2011 09:56:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:sender:from:content-type :content-transfer-encoding:subject:date:message-id:to:mime-version :x-mailer; bh=8Xa7xfliuko94r4DkZsRn9vUABcgBUM7VOvucfq7DQU=; b=B6Teked9FsrYSrOQD9tyfD7IhbiDeCBDvNVD2A3c8QpE4B/g1VNr+H/VXILPiXKb6K RZMAXoZHenYlv0aFOQ6oQeNYJQketibdWvOdSrClrcyiHStNTOPo7hZXveVgUpjdtUPf Xbw3xITYuiMEkL9Q/PaBiksmbcvv0DJJqv2ps= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=sender:from:content-type:content-transfer-encoding:subject:date :message-id:to:mime-version:x-mailer; b=dUAEwUrQUR5kZKTXWW42zXIbIOmL3vRqKvgwZUMDMsTzvnL6uq2NQPHqLGOJGkGBnQ kYkyxdWMgqwVEPALK1mQeQgMyGtUUHxB8YOX/m50YHaM/j+RhpLFkPnDcMZNRZriagOJ JqxpKSqv7MMqjimNsZYPtGiQLAYz9i4Q+iM4I= Received: by 10.223.103.198 with SMTP id l6mr2534650fao.99.1299000138835; Tue, 01 Mar 2011 09:22:18 -0800 (PST) Received: from [192.168.1.102] (45.81.datacomsa.pl [195.34.81.45]) by mx.google.com with ESMTPS id e6sm2277279fav.8.2011.03.01.09.22.17 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 01 Mar 2011 09:22:17 -0800 (PST) Sender: =?UTF-8?Q?Edward_Tomasz_Napiera=C5=82a?= From: =?iso-8859-2?Q?Edward_Tomasz_Napiera=B3a?= Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Date: Tue, 1 Mar 2011 18:22:15 +0100 Message-Id: <41A35BDD-7EF0-47C5-BA3D-2E3F9C9C5540@FreeBSD.org> To: "arch@" Mime-Version: 1.0 (Apple Message framework v1082) X-Mailer: Apple Mail (2.1082) Subject: Adding setloginclass(2) and getloginclass(2). X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Mar 2011 17:57:00 -0000 At http://people.freebsd.org/~trasz/loginclass.diff, you can find a patch that adds login class information to the kernel. The patch does not contain changes to autogenerated files; to test it, do "make sysent" in sys/kern/ and sys/compat/freebsd32/. The patch itself doesn't add much user-visible functionality, although being able to do "ps aux -o class" might be useful. However, login classes are a prerequisite for RCTL, aka Resource Containers - system administrator can use rules such as "loginclass:users:nproc:deny=100/user", to replace resource limits usually defined in login.conf(5), or use rule such as "loginclass:users:nproc:deny=100/loginclass", to limit the number of processes for the whole login class, achieving something similar to SunOS "projects". Since this involves adding two new syscalls, I'd like to hear some opinion about it - it's hard to change these afterwards. -- If you cut off my head, what would I say? Me and my head, or me and my body?