Mike Silbersack wrote:
> 2. Limit the number of procs to an appropriate number. Previously, it
> was easy to set maxproc overly high by setting a large maxusers value.
> With this change, proc-related structures will only be able to consume
> about 1/2 of all system memory. Without this limitation, a high maxusers
> setting and a forkbomb could easily consume all system memory, leaving
> virtually no chance for the system to recover.
+ /*
* The following can be overridden after boot via sysctl. Note:
* unless overriden, these macros are ultimately based on maxusers.
*/
maxproc = NPROC;
TUNABLE_INT_FETCH("kern.maxproc", &maxproc);
+ if (maxproc > automaxproc)
+ maxproc = automaxproc;
maxfiles = MAXFILES;
TUNABLE_INT_FETCH("kern.maxfiles", &maxfiles);
No. Root's overrides come *after* automagic settings, regardless of how
well intentioned the settings are.
If you are going to do this, it should be something along the lines of:
maxproc = NPROC;
if (maxproc > automaxproc)
maxproc = automaxproc;
TUNABLE_INT_FETCH("kern.maxproc", &maxproc);
Even this isn't quite right, because NPROC may be a compile option
which must be respected. The default #define NPROC may need adjusting.
Cheers,
-Peter
--
Peter Wemm - [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
"All of this is for nothing if we don't go to the stars" - JMS/B5
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
