From owner-svn-src-all@freebsd.org  Fri Sep 11 21:02:08 2015
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3F80CA02229;
 Fri, 11 Sep 2015 21:02:08 +0000 (UTC)
 (envelope-from adrian.chadd@gmail.com)
Received: from mail-ig0-x229.google.com (mail-ig0-x229.google.com
 [IPv6:2607:f8b0:4001:c05::229])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 097501FB7;
 Fri, 11 Sep 2015 21:02:08 +0000 (UTC)
 (envelope-from adrian.chadd@gmail.com)
Received: by igbkq10 with SMTP id kq10so50922111igb.0;
 Fri, 11 Sep 2015 14:02:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:sender:in-reply-to:references:date:message-id:subject
 :from:to:cc:content-type;
 bh=+ojmE/u/GBKupzjdwOCoAe0+/JASJOQrHP3s4F4jkk4=;
 b=pdAXsCmiovkyon7s4kr6t9leYgue8dM8NB28yl3882gUpeplC7cts4hVrw0W0gCTwV
 DyHy4CF8aY9MC+zPQtYjE1cLRosF/DOqZypdpUfhnbqBFeDF67OQLjdRsepTkZYwWLo2
 3nyPbhQ2PsafEamRYrY7GkYURKc1Bz7TsQB6yH3AcCSRHEmdpyc/lCUHv+8k6ahLD51M
 F+aaiejnP6WhbaAxEysiuq0yFsvalL6QjDvDBSxh/My9msECf4gAfE3QUgj6GMFPO9hY
 kkPCU26cj7iPNVs6Al57ACAZXGGLAgf3zSwk0TD5N6q8b+GCguv+LFoBO545luorx6E+
 +PPQ==
MIME-Version: 1.0
X-Received: by 10.50.1.44 with SMTP id 12mr249256igj.61.1442005326755; Fri, 11
 Sep 2015 14:02:06 -0700 (PDT)
Sender: adrian.chadd@gmail.com
Received: by 10.36.28.208 with HTTP; Fri, 11 Sep 2015 14:02:06 -0700 (PDT)
In-Reply-To: <55F33D96.8060300@mu.org>
References: <201509100405.t8A45xrJ070199@repo.freebsd.org>
 <CAPyFy2DjD3Dv6VYjd_6CKe3_2ZuMC5ayMKnzATLb=a4yZUYyLw@mail.gmail.com>
 <CANCZdfoBN9keiZCUpJ_v5y6mUpKcY_26Y_2=xCLwJovz+8a_xQ@mail.gmail.com>
 <CAJ-VmonUm5Sf8TPLnciouyiJjLUndtNJX368US5_hgQwzYBdkQ@mail.gmail.com>
 <55F33D96.8060300@mu.org>
Date: Fri, 11 Sep 2015 14:02:06 -0700
X-Google-Sender-Auth: tDGzqp-uZslaIEBsubXjZw9AlAo
Message-ID: <CAJ-Vmok-Uto6srU-sA1gq=HZ0Jf30vNNsw_mqiY669XvUq+qTw@mail.gmail.com>
Subject: Re: svn commit: r287606 - head/sys/kern
From: Adrian Chadd <adrian@freebsd.org>
To: Alfred Perlstein <bright@mu.org>
Cc: Warner Losh <imp@bsdimp.com>, Ed Maste <emaste@freebsd.org>, 
 "src-committers@freebsd.org" <src-committers@freebsd.org>, 
 "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, 
 "svn-src-head@freebsd.org" <svn-src-head@freebsd.org>
Content-Type: text/plain; charset=UTF-8
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Sep 2015 21:02:08 -0000

On 11 September 2015 at 13:46, Alfred Perlstein <bright@mu.org> wrote:
> 64k hard is too low a number for large memory machines.

Root can always bump it up all the way to kern.maxfilesperproc.

I'm also a big fan of having the description of config of service
stuff be in /etc/rc.conf, rather than splattered around the place. So
I also like the idea of <service>_rlimit_openfiles="xxxx" so it can be
clearly overridden for services that require it.

I'm open to other suggestions!



-adrian

> -Alfred
>
>
> On 9/10/15 9:18 AM, Adrian Chadd wrote:
>>
>> On 10 September 2015 at 09:04, Warner Losh <imp@bsdimp.com> wrote:
>>>
>>>
>>> On Thu, Sep 10, 2015 at 9:53 AM, Ed Maste <emaste@freebsd.org> wrote:
>>>>
>>>> On 10 September 2015 at 04:05, Adrian Chadd <adrian@freebsd.org> wrote:
>>>>>
>>>>> Author: adrian
>>>>> Date: Thu Sep 10 04:05:58 2015
>>>>> New Revision: 287606
>>>>> URL: https://svnweb.freebsd.org/changeset/base/287606
>>>>>
>>>>> Log:
>>>>>    Also make kern.maxfilesperproc a boot time tunable.
>>>>> ...
>>>>>    TODO:
>>>>
>>>> Also "we" should
>>>> * Submit patches upstream or to the ports tree to use closefrom
>>>
>>>
>>> I thought the consensus was that we'd fix things to have fewer FDs
>>> by default, but instead allow individual processes to raise it via the
>>> usual methods.
>>
>> I'm looking at how to do this in a somewhat sensible fashion. Right
>> now we just have openfiles=unlimited; in /etc/login.conf which seems a
>> little odd. I don't know yet if that affects the default set that
>> services started via /etc/rc get - init gets the whole default
>> maxfilesperproc and stuff seems to inherit from that unless told
>> otherwise.
>>
>> I think the more sensible default would be:
>>
>> * set  /etc/login.conf to some much lower values - say, 4k soft, 64k hard;
>> * root can always override its settings up to kern.maxfilesperproc;
>> * modify /etc/rc to set some default rlimits as appropriate;
>> * introduce configuration options ({daemon_rlimit_XXX}?) in
>> /etc/rc.conf that lets someone override what the default rlimits
>> should be for a given process,, as (and I'm not making this up) if you
>> run 'service XXX restart' from a root login you get the rlimits from
>> the shell, which may differ from the system startup.
>>
>> That way we can setup various services to have higher openfile limits
>> via /etc/rc.conf entries for those services rather than having to hack
>> each startup script. It also means that no matter what is running
>> 'service XXX YYY' as root, you'll get the 'correct'(er) rlimits.
>>
>> Thoughts?
>>
>>
>> -adrian
>>
>