Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 18 Dec 2012 09:50:46 +0000 (GMT)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Andrey Zonov <zont@FreeBSD.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r244383 - head/etc
Message-ID:  <alpine.BSF.2.00.1212180948190.22858@fledge.watson.org>
In-Reply-To: <201212180727.qBI7Rp0t084371@svn.freebsd.org>
References:  <201212180727.qBI7Rp0t084371@svn.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help

On Tue, 18 Dec 2012, Andrey Zonov wrote:

> Author: zont
> Date: Tue Dec 18 07:27:50 2012
> New Revision: 244383
> URL: http://svnweb.freebsd.org/changeset/base/244383
>
> Log:
>  - Set memorylocked limit to 64Kb for default login class.
>    This prevents unprivileged users to lock too much memory.
>  - Set memorylocked limit to 64Mb for daemon login class.
>    Some daemons such as amd(8) and watchdogd(8) calls mlockall(2) on
>    startup, they are run from init(8) which uses daemon login class.
>  - Set memorylocked limit to unlimited for root login class.
>
>  Suggested by:	avg
>  Approved by:	kib (mentor)
>  MFC after:	1 week

I think you should not MFC this one quickly -- let's wait for it to shake out 
in the -CURRENT userbase for a few months to see what breaks.  I wouldn't be 
surprised if a fair number of applications (both publicly available, and local 
at various FreeBSD-using shops) are implicitly depending on their not being 
limits to memorylocked by default.  After an upgrade, they might find that 
their applications simply stop working for potentially hard-to-debug reasons.

Or we might find no one notices -- but deferring an MFC will help give us a 
better sense of which outcome is more likely.

Robert

>
> Modified:
>  head/etc/login.conf
>
> Modified: head/etc/login.conf
> ==============================================================================
> --- head/etc/login.conf	Tue Dec 18 07:26:55 2012	(r244382)
> +++ head/etc/login.conf	Tue Dec 18 07:27:50 2012	(r244383)
> @@ -32,7 +32,7 @@ default:\
> 	:cputime=unlimited:\
> 	:datasize=unlimited:\
> 	:stacksize=unlimited:\
> -	:memorylocked=unlimited:\
> +	:memorylocked=64K:\
> 	:memoryuse=unlimited:\
> 	:filesize=unlimited:\
> 	:coredumpsize=unlimited:\
> @@ -59,6 +59,7 @@ xuser:\
> staff:\
> 	:tc=default:
> daemon:\
> +	:memorylocked=64M:\
> 	:tc=default:
> news:\
> 	:tc=default:
> @@ -72,6 +73,7 @@ dialer:\
> #       in preference to 'default'.
> root:\
> 	:ignorenologin:\
> +	:memorylocked=unlimited:\
> 	:tc=default:
>
> #
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1212180948190.22858>