"H. Peter Anvin" <h...@zytor.com> writes:

> On April 19, 2016 12:25:03 PM PDT, "H. Peter Anvin" <h...@zytor.com> wrote:
>>
>>Perhaps a (privileged) option to exempt from the global limit, then. 
>>Something we can implement if asked for.
>>
>>However, I wouldn't be 100% that the reserved pool isn't used.  Someone
>>added it presumably for a reason.  An administrator could say it and
>>we'd have no idea.
>
> ... and if I personally was running a container-hosting system, I
> would *absolutely* set it to make sure the administrator could not get
> locked out.

That is likely easier done by setting:
echo RIDICULOUSLY_LARGE_NUMBER > /proc/sys/kernel/pty/max

All I am certain about at this point is that no one cares on a day to
day basis or in any kind of ordinary scenario so this is something that
we can get away with changing.

But yes I would not be surprised if we have to come back and implement
something like your suggested extra mount option for devpts, so some
specified instances can dip into the reserved pool.

Eric

Reply via email to