From owner-freebsd-hackers  Mon Jul 10 13:55:23 2000
Delivered-To: freebsd-hackers@freebsd.org
Received: from camus.cybercable.fr (camus.cybercable.fr [212.198.0.200])
	by hub.freebsd.org (Postfix) with SMTP id 39B2937B5B4
	for <freebsd-hackers@FreeBSD.ORG>; Mon, 10 Jul 2000 13:55:19 -0700 (PDT)
	(envelope-from clefevre%no-spam@citeweb.net)
Received: (qmail 12287233 invoked from network); 10 Jul 2000 20:55:13 -0000
Received: from r224m65.cybercable.tm.fr (HELO gits.dyndns.org) ([195.132.224.65]) (envelope-sender <clefevre%no-spam@citeweb.net>)
          by camus.cybercable.fr (qmail-ldap-1.03) with SMTP
          for <core-ix@hushmail.com>; 10 Jul 2000 20:55:13 -0000
Received: (from root@localhost)
	by gits.dyndns.org (8.9.3/8.9.3) id WAA98095;
	Mon, 10 Jul 2000 22:55:07 +0200 (CEST)
	(envelope-from clefevre%no-spam@citeweb.net)
Posted-Date: Mon, 10 Jul 2000 22:55:07 +0200 (CEST)
To: Narvi <narvi@haldjas.folklore.ee>
Cc: core-ix@hushmail.com, freebsd-hackers@FreeBSD.ORG
Subject: Re: Some proposals to FreeBSD kernel
References: <Pine.BSF.3.96.1000710165917.36592D-100000@haldjas.folklore.ee>
Reply-To: clefevre@citeweb.net
X-Face: V|+c;4!|B?E%BE^{E6);aI.[<<r#uCVjK"~Ke!@0vxS/.,wki/c|uVnNV!BA-_gY2sfoGc3
        f{#/$PT>97Zd*>^#%Y5Cxv;%Y[PT-LW3;A:fRrJ8+^k"e7@+30g0YD0*^^3jgyShN7o?a]C
        la*Zv'5NA,=963bM%J^o]C
From: Cyrille Lefevre <clefevre%no-spam@citeweb.net>
Date: 10 Jul 2000 22:55:05 +0200
In-Reply-To: Narvi's message of "Mon, 10 Jul 2000 17:06:19 +0200 (EET)"
Message-ID: <puologd2.fsf@pc166.gits.fr>
Lines: 41
User-Agent: Gnus/5.0807 (Gnus v5.8.7) XEmacs/21.1 (Canyonlands)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Narvi <narvi@haldjas.folklore.ee> writes:

> [i think this might just as well belong in -questions]
> 
> On 10 xxx -1 core-ix@hushmail.com wrote:
> 
> > I'm 18-year-old newbie UNIX programmer that currently use 
> > FreeBSD and is really thankfull of it.I run it on DUAL PII/333.
> > 
> > Some days ago my friend tell me that with simple user rights
> > and whit only 1 line of code he could crash my machine. I laught
> > but he did it :(.
> > 
> > What he wrote was ' int main(void) {while(1) fork(); }'  compiled it
> > and run it. Within a second /kernel said "proc: table is full" and 
> > died. I tried this on some other BSD unixes and the result was 
> > same. (BTW Minix 2.0 seem unaffected and probably other SVR4
> > variants, because you can limit the number of  system processes
> > and system still have resources to work fine(although slow))
> > 
> 
> And you can do the same with BSD. See limits(1), csh(1), sh(1),
> login.conf(5)

some time ago, I had a similar problem. too many processes forked, power off...
reboot impossible. the cause of this problem was to define nisdomainname w/
activating nis services. so portmap give up thoses processes to log errors
messages because it was trying to contact nis services which was not there.
I take some time to find /etc/login.conf. the question is, why all default
limits are so permissives (unlimited) by default ? as I remember, it took me
some days w/ many boots to find the reason of portmap failure. an idea would
be to add some limit to limit the number of processes forked by a process (at
one time in addition to the number of processes by user which may be relative
to the system wide limit (maxprocperproc=nproc-10). which is something like the
openfiles limit (w/o the system wide reference but which is possible as well,
like maxfilesperproc=nfiles-10).

Cyrille.
-- 
home:mailto:clefevre%no-spam@citeweb.net Supprimer "%no-spam" pour me repondre.
work:mailto:Cyrille.Lefevre%no-spam@edf.fr Remove "%no-spam" to answer me back.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message