Date: Tue, 15 Jan 2013 23:20:14 +0200 From: Konstantin Belousov <kostikbel@gmail.com> To: Andrey Zonov <zont@FreeBSD.org> Cc: svn-src-all@freebsd.org, Andriy Gapon <avg@freebsd.org>, Fabian Keil <freebsd-listen@fabiankeil.de> Subject: Re: svn commit: r245415 - stable/9/etc Message-ID: <20130115212014.GD2522@kib.kiev.ua> In-Reply-To: <50F5AB7B.6090903@FreeBSD.org> References: <201301141058.r0EAwK4q044423@svn.freebsd.org> <20130114122640.152cb041@fabiankeil.de> <50F4464A.7000903@FreeBSD.org> <20130114200914.7f3272d2@fabiankeil.de> <50F5AB7B.6090903@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--WChQLJJJfbwij+9x Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jan 15, 2013 at 11:18:19PM +0400, Andrey Zonov wrote: > On 1/14/13 11:09 PM, Fabian Keil wrote: > > Andrey Zonov <zont@FreeBSD.org> wrote: > >=20 > >> On 1/14/13 3:26 PM, Fabian Keil wrote: > >>> Andrey Zonov <zont@FreeBSD.org> wrote: > >>> > >>>> Author: zont > >>>> Date: Mon Jan 14 10:58:20 2013 > >>>> New Revision: 245415 > >>>> URL: http://svnweb.freebsd.org/changeset/base/245415 > >>>> > >>>> Log: > >>>> MFC r244383: > >>>> - Set memorylocked limit to 64Kb for default login class. > >>>> This prevents unprivileged users to lock too much memory. > >>> > >>> Note that this causes geli segfaults when using sudo: > >>> http://www.freebsd.org/cgi/query-pr.cgi?pr=3D174831 > >>> > >> > >> The change should not affect stable, because new behavior was turned o= ff > >> in stable. > >=20 > > It's not exactly obvious, but by "this" I was referring to the change > > in CURRENT. > >=20 >=20 > The solution which you proposed was refused by kib@ (add to CC) when I > proposed it earlier. The limits purpose is to limit some resource usage. Having applications that override the limits contradicts the user intent of keeping the limits working. As a workaround, you could set the limit for your user account. As a solution, change the offending application to only mlock() the sensitive pages. E.g. gnupg already does this, probably because it is portable. >=20 > I also wanted to set memory-locked limit to 8Mb, but avg@ (add to CC) > recommended to set it to something smaller. >=20 > Any suggestions? >=20 > --=20 > Andrey Zonov >=20 --WChQLJJJfbwij+9x Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iQIcBAEBAgAGBQJQ9cgNAAoJEJDCuSvBvK1BqP0QAKM+a4a2pikQm61Rnyj0myPC 5rnnOs5JsoK9yXonVDMuyrnB8earLYCVQkpMGcyfJftI6TymbH+AmiyUJJbAmKIu taeIcP5oZ37mSHrlP6+sY5R9FkRvsZ2X3uBxubJUykS0JYh5thu8xKfF5LLZlsar mRq3OKEW61MAMUC1z0YXgz9ZcAjkVcY2SjlVzCWs5uOohgz4c/0Wwn0XWUr0rGYf onIApayjbRtnBTjXiHyHOcJjyHZKCPsNlNzSWEnnJizQqHBqKXUCmUmeSRfNT4J8 7mkKuG3Z2pmBdpmV7XtS3uF+iTtwkR7F2oIBfKUQhzNJlPRu8oBZAyg8DKZoXUNv oKCAKiFCt3Tuk/Wuxld+G9lyspnzdYenBV5rKmNOBMz0r/N37TWV47EIM9UKlRRM XrhMzWOUoteJ0h0V1Q9/bEJIt0Xjr5tGHlRVHHeUhHuMUTyXYuq9oYS83NC9Vexn B1evb2uU845KZKV/0iX1ViOPkOgGBSrkGDF/tDmfHmGVw2Mqa1p82wd/Nw6NmnD2 lzuHlHnUFZcrFwG1DJ9kDMbSjdSSjejgYfbi13YkGHm36NDMMHHHwS7jvrBH0jhK rAAnRIArgr4CLFdvR50eLnbOb6zNAWI5HDpJc19o1DSzcXMhNclqdR9EdBK7o/rI xEnqO3YUvlP10POiDae1 =RPzC -----END PGP SIGNATURE----- --WChQLJJJfbwij+9x--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130115212014.GD2522>