Mike Silbersack wrote: > 2. Limit the number of procs to an appropriate number. Previously, it > was easy to set maxproc overly high by setting a large maxusers value. > With this change, proc-related structures will only be able to consume > about 1/2 of all system memory. Without this limitation, a high maxusers > setting and a forkbomb could easily consume all system memory, leaving > virtually no chance for the system to recover.
+ /* * The following can be overridden after boot via sysctl. Note: * unless overriden, these macros are ultimately based on maxusers. */ maxproc = NPROC; TUNABLE_INT_FETCH("kern.maxproc", &maxproc); + if (maxproc > automaxproc) + maxproc = automaxproc; maxfiles = MAXFILES; TUNABLE_INT_FETCH("kern.maxfiles", &maxfiles); No. Root's overrides come *after* automagic settings, regardless of how well intentioned the settings are. If you are going to do this, it should be something along the lines of: maxproc = NPROC; if (maxproc > automaxproc) maxproc = automaxproc; TUNABLE_INT_FETCH("kern.maxproc", &maxproc); Even this isn't quite right, because NPROC may be a compile option which must be respected. The default #define NPROC may need adjusting. Cheers, -Peter -- Peter Wemm - [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] "All of this is for nothing if we don't go to the stars" - JMS/B5 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message