From owner-freebsd-questions Sun Jun 4 12:12:12 2000 Delivered-To: freebsd-questions@freebsd.org Received: from netcore.fi (netcore.fi [193.94.160.1]) by hub.freebsd.org (Postfix) with ESMTP id EFB9B37B6F9 for ; Sun, 4 Jun 2000 12:12:07 -0700 (PDT) (envelope-from pekkas@netcore.fi) Received: from localhost (pekkas@localhost) by netcore.fi (8.10.1/8.10.1) with ESMTP id e54JC5k05441 for ; Sun, 4 Jun 2000 22:12:06 +0300 Date: Sun, 4 Jun 2000 22:12:04 +0300 (EEST) From: Pekka Savola Reply-To: Pekka.Savola@netcore.fi To: freebsd-questions@freebsd.org Subject: Setting restrictions on Apache processes Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello all, I'm having trouble with 3.4-STABLE and Apache 1.3.12 w/ PHP3 and MySQL. The server has only 128 MB of memory, but there are still 250-500 apache processes running. Each process uses like 3-4 MB of memory. I have plenty of swap, but at certain point, when over, like 300 MB of swap is used, the server becomes totally unresponsible: ---- last pid: 38416; load averages: 414.85, 363.95, 208.88 up 67+23:39:24 13:59:19 525 processes: 426 running, 99 sleeping CPU states: % user, % nice, % system, % interrupt, % idle Mem: 76M Active, 9964K Inact, 35M Wired, 128K Cache, 8243K Buf, 616K Free Swap: 637M Total, 398M Used, 239M Free, 62% Inuse ---- Most of bad usage is caused by some runaway Apache processes that occupy 10-40 MB of memory each. Setting MaxClients to a lower value helps a little, but it doesn't stop these processes chomping too much memory. Memory upgrades are on the way, but I'd like to be able to restrict apache processes in some way. I thought I could do this with /etc/login.conf but it doesn't seem to have any effect. Is there anything I'm missing here? 1. Edit /etc/login.conf, add the following to it: ----- nobody:\ :cputime=infinity:\ :datasize-cur=22M:\ :stacksize-cur=8M:\ :memorylocked-cur=10M:\ :memoryuse-cur=30M:\ :filesize=infinity:\ :coredumpsize=infinity:\ :maxproc-cur=64:\ :openfiles-cur=64:\ :priority=10:\ :umask=022:\ :tc=auth-defaults: ----- This isn't what I want really, but show if this works or not. 2. Run cap_mkdb /etc/login.conf 3. Edit /etc/master.password (add nobody class in it): ----- nobody:*:65534:65534:nobody:0:0:Unprivileged user:/nonexistent:/sbin/nologin ----- 4. Run pwd_mkdb /etc/master.password 5. Run /usr/local/sbin/apachectl stop ; /usr/local/sbin/apachectl start Now if I understand correctly, those apache processes run as 'nobody' should have 10 as their priority, etc. This is not the case. Is there something I'm missing here? BTW, Does 'memoryuse-cur' restrict the memory use by process or by user? I believe the latter, but just checking.. Any good ideas? TIA, Regards -- Pekka Savola "Tell me of difficulties surmounted, Pekka.Savola@netcore.fi not those you stumble over and fall" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message