Date: Fri, 19 Aug 2016 12:10:40 +0200 From: "Martin S. Weber" <Ephaeton@gmx.net> To: Steve O'Hara-Smith <steve@sohara.org> Cc: freebsd-questions@freebsd.org Subject: Re: How do I limit I/O usage for a user/process? A user broke my system Message-ID: <20160819101040.GA2560@hephaistos.local> In-Reply-To: <20160819104058.1c60a63fb832fbdc1524207c@sohara.org> References: <CAM4nNt8dOojYNA6FK6_zj7vN92e6ML2A0QbsXH3fz8rP%2BCbVTg@mail.gmail.com> <20160819104058.1c60a63fb832fbdc1524207c@sohara.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2016-08-19 10:40:58, Steve O'Hara-Smith wrote: > On Fri, 19 Aug 2016 09:23:16 +0000 > Magnus Ahriman <magnus.ahriman@gmail.com> wrote: (...) > > the user's process but to no help and the problem was most certainly with > > disk I/O. I don't want a normal user being able to lock up my entire > > system just by viewing text files. So any ideas? > > Very likely the problem was due to memory use and you are tight on > memory for your normal load. Editors like e.g. vim will open a temporary file (for recovery) the same size as the original. Back in the day when I worked around ASIC designers, opening of netlists for manual editing was always done with an ancient vi (not vim, not nvi), which did not do that, as the netlists were usually several gigabyte big files (on shared sun servers with "only" several gigs of RAM). It does not have to be pushing memory. Just queuing up transfers to two different hd controllers can lock your (BSD) system down. Gimme an account on your box, limit my memory, and I'll still DOS it (putting pressure on different buffers by combining find with catting /dev/urandom somewhere plus continuously writing my memory allowance into files on different filesystems - at least that used to work the last few times I tried it, but I grew sick of dos'ing myself, so stopped the practice). It's an inherent design weakness in the school of thought "nice will take care of it, we don't need ionice or userland controllable I/O scheduling parameters". You can of course lock down the system by limiting process time as well, etc., but that either doesn't help for the duration of the limited process time, or makes the account unusable. Having to have the parts of the system you want to use already in RAM is not a proper answer either. I'm not aware of a proper adequate response in BSDs for this problem, and would like to learn a good answer myself. -M
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160819101040.GA2560>