In my opinion, the bugs here are in different packages: - Packages that provide a way for users to log in to the system, but don't create a user slice - Packages that provide services that operate using an unreasonable number of processes or threads, and can't be bothered to declare as much in the unit file
The 512 limit is arbitrary, but a plausible point at which to say, if this isn't an interactive session and the service has not declared special needs, I should assume it's malfunctioning / fork bombing and shut it down. For comparison, RabbitMQ installations also regularly run into the "1024 open file descriptors" limit, but instead of abolishing that limit globally, it's been documented that the limit may need to be raised specifically for RabbitMQ for high-load installations. Regarding the user slice thing, maybe systemd should consider depending on libpam-systemd. It's currently quite easy to not install on custom installations, and not having user slices should break a number of things. (It's pulled in by ubuntu-standard on Ubuntu, but people like to remove that because it pulls in things of questionable usefulness.)