Alan Cox wrote: >> - allow uid=1001 and uid=1002 (common users) to allocate memory only if the >> total committed space is below the 50% of the physical RAM + the size of >> swap: >> [EMAIL PROTECTED] # echo 1001:2:50 > /proc/overcommit_uid >> [EMAIL PROTECTED] # echo 1002:2:50 > /proc/overcommit_uid > > There are some fundamental problems with this model - the moment you mix > strict overcommit with anything else it ceases to be a strict overcommit > and you might as well use existing overcommit rules for most stuff > > The other thing you are sort of faking is per user resource management - > which is a subset of per group of users resource management which is > useful - eg "students can't hog the machine" > > I don't see that this is the right approach compared with the container > work and openvz work that is currently active and far more flexible. >
Obviously I was not proposing a nice theoretical model, my work is more similar to a quick and dirty hack that could resolve some problems (at least in my case) like the crash of critical services due to OOM-killing (or due to the failure of a malloc() when OOM-killer is disabled). When $VERY_CRITICAL_DAEMON dies *all* the users blame the sysadmin [me]. If a user application dies because a malloc() returns NULL, the sysadmin [I] can blame the user saying: "hey! _you_ tried to hog the machine and _your_ application is not able to handle the NULL result of the malloc()s!"... :-) A solution could be to define the critical processes unkillable via /proc/<pid>/oom_adj, but the per-process approach doesn't resolve all the possible cases and it's quite difficult to manage in big environments, like HPC clusters. Anyway, it seems that I need to deepen my knowledge about the recent development of process containers and openvz... Thanks, -Andrea - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/