From owner-freebsd-questions@freebsd.org Fri Aug 19 10:10:50 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CC8F7BBF45E for ; Fri, 19 Aug 2016 10:10:50 +0000 (UTC) (envelope-from Ephaeton@gmx.net) Received: from mout.gmx.net (mout.gmx.net [212.227.17.20]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 44F55151C for ; Fri, 19 Aug 2016 10:10:49 +0000 (UTC) (envelope-from Ephaeton@gmx.net) Received: from hephaistos.local ([188.193.147.216]) by mail.gmx.com (mrgmx102) with ESMTPSA (Nemesis) id 0MOCSm-1bVAzF2mcm-005Vou for ; Fri, 19 Aug 2016 12:10:41 +0200 Received: by hephaistos.local (Postfix, from userid 1000) id E5081297CDF6; Fri, 19 Aug 2016 12:10:40 +0200 (CEST) Date: Fri, 19 Aug 2016 12:10:40 +0200 From: "Martin S. Weber" To: Steve O'Hara-Smith Cc: freebsd-questions@freebsd.org Subject: Re: How do I limit I/O usage for a user/process? A user broke my system Message-ID: <20160819101040.GA2560@hephaistos.local> Mail-Followup-To: Steve O'Hara-Smith , freebsd-questions@freebsd.org References: <20160819104058.1c60a63fb832fbdc1524207c@sohara.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20160819104058.1c60a63fb832fbdc1524207c@sohara.org> User-Agent: Mutt/1.6.1 (2016-04-27) X-Provags-ID: V03:K0:q1AWvbieko3GlOBJk/zTHm3FnChOtHWsCPKLiGszNXt27yJNjz+ W+4BWOc7BkIppFYoBgRiqGpOs6VQX7gctNAtZcBC4HBCtV9OCjStFSQ4PKIkJURR5nukVNG oOB7YLFqXRywaCeRDdzwp93h14KlyHSD6OV0OWvOe+4I3VPKii9mDnuHqqykuFsVDJRI2oc 3JNkGNpHLTljiPfQA3BLA== X-UI-Out-Filterresults: notjunk:1;V01:K0:B00RXU9xD94=:9Yzat3eB43xb+BEemRJbPK 7JMACkd7/Czsy32ztjXH+pxC/iowFOtzQKYW+JaLtsIQL0dsaK6IV6/dgw1OBo1WA6+370FsW 27vbIBAOuglv3lF13DcIzMhQ8LFa+nTjJhpuXkShQx/NVY2OT9JXL3dX3Owwthcoof/IYgTjb R7vPdwJwCshgl6fZiLedkPrEFsROrNkj9WpPKzv/wrJAop6cV0QO9vlDJ+4zsoPVwEzPfQYZt AsANVVZPwUiV+6JuW/HNP5VXUSi9FXu2fmVsnZtU47CLumBrCo/qfo/l/ca/joNbzuHUjDJ60 nmIDuKTFxMnbLWo388kMrWBypN8x/nsP6Yzz/xLKnOPvQVub1tD9FVeSTozbM72hIcDD2US4F tO3yPYaBG3avxjQb9SuOp2KPzJiJRBMORLb55Ckf8sLd45R3Gjx6Y5xogMge6KeH9dPpcP0rn OQuXyatsVeefksFxpa56F+o6WsZxYrD1bM1fGQBm7vq6JEnVjL8Li+KuHH4AKYtB+GMOgCFPB w5Tza+xvqQK7o0RfSTpg2X7GDjXtM420oV5gOh75pLpjtleTb9oQ+yQt12ytGrxpwFGttxQMk G6V8HyCRR/vYOVXmUyK8BlCGcimlbELrzoVgu0U44vwYlNQyLB6Zmovm+adqvmsc68TCdtfu0 prtlEB16iWm8Ukgin3uLnCGyjLWoc715f40fehK7GolZrg6uy1MU7/rZYnqpCx7upeooNtIu8 1edBYvYezQJVtqiysF2ytAIHAGlD6dw9Cl8LKWbHpUT4oSx/ndkgd9Y5Jck= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Aug 2016 10:10:50 -0000 On 2016-08-19 10:40:58, Steve O'Hara-Smith wrote: > On Fri, 19 Aug 2016 09:23:16 +0000 > Magnus Ahriman wrote: (...) > > the user's process but to no help and the problem was most certainly with > > disk I/O. I don't want a normal user being able to lock up my entire > > system just by viewing text files. So any ideas? > > Very likely the problem was due to memory use and you are tight on > memory for your normal load. Editors like e.g. vim will open a temporary file (for recovery) the same size as the original. Back in the day when I worked around ASIC designers, opening of netlists for manual editing was always done with an ancient vi (not vim, not nvi), which did not do that, as the netlists were usually several gigabyte big files (on shared sun servers with "only" several gigs of RAM). It does not have to be pushing memory. Just queuing up transfers to two different hd controllers can lock your (BSD) system down. Gimme an account on your box, limit my memory, and I'll still DOS it (putting pressure on different buffers by combining find with catting /dev/urandom somewhere plus continuously writing my memory allowance into files on different filesystems - at least that used to work the last few times I tried it, but I grew sick of dos'ing myself, so stopped the practice). It's an inherent design weakness in the school of thought "nice will take care of it, we don't need ionice or userland controllable I/O scheduling parameters". You can of course lock down the system by limiting process time as well, etc., but that either doesn't help for the duration of the limited process time, or makes the account unusable. Having to have the parts of the system you want to use already in RAM is not a proper answer either. I'm not aware of a proper adequate response in BSDs for this problem, and would like to learn a good answer myself. -M