On 11/14/06, Florin Malita <[EMAIL PROTECTED]> wrote:
fffffh wrote:
> Din motive de memorie foarte limitata. Daca sshd-ul ocupa 7-8 MB/proces
> USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
> root 8657 0.1 2.7 7692 1700 ? Ss 11:20 0:00 sshd:
> user [priv]
> user 8659 0.0 2.0 7692 1240 ? S 11:21 0:00 sshd: [EMAIL
PROTECTED]/0
>
Nu te uiti unde trebuie: VSZ e spatiul de adrese virtuale al procesului,
fara o legatura directa cu memoria ocupata.
RSS e o indicatie mai apropiata de realitate dar tot nu tine cont de
paginile share-uite si in plus te poate induce in eroare daca procesul
are pagini in swap. In afara de BSS, data & stack cam toate celelalte
componente ale spatiului de adrese (executabilul, shared libs, etc - cat
/proc/<pid>/maps) sunt mapate share-uit asa ca nu ocupa memorie
suplimentara cu fiecare noua instanta sshd.
Cea mai buna indicatie pentru ce vrei tu (cat ocupa sshd *per proces*) e
probabil 'data' din /proc/<pid>/statm: sshd-ul iti papa efectiv (mult?)
mai putin de 1MB/proces.
status:
Name: in.telnetd
State: S (sleeping)
SleepAVG: 98%
Tgid: 17881
Pid: 17881
PPid: 17849
TracerPid: 0
Uid: 106 106 106 106
Gid: 112 112 112 112
FDSize: 32
Groups: 43 112
VmPeak: 1724 kB
VmSize: 1716 kB
VmLck: 0 kB
VmHWM: 692 kB
VmRSS: 692 kB
VmData: 204 kB
VmStk: 88 kB
VmExe: 32 kB
VmLib: 1348 kB
VmPTE: 12 kB
Threads: 1
SigQ: 0/4294967295
SigPnd: 0000000000000000
ShdPnd: 0000000000000000
SigBlk: 0000000000000000
SigIgn: 0000000000280001
SigCgt: 0000000000010000
CapInh: 0000000000000000
CapPrm: 0000000000000000
CapEff: 0000000000000000
Cpus_allowed: ff
Mems_allowed: 1
statm:
429 size-------total program size
173 resident---resident set size
141 share------shared pages
8 text-------text (code)
0 lib--------library
73 data-------data/stack
0 dt---------dirty pages (unused in Linux 2.6)
===================================
status
Name: sshd
State: S (sleeping)
SleepAVG: 79%
Tgid: 15188
Pid: 15188
PPid: 3522
TracerPid: 0
Uid: 0 0 0 0
Gid: 0 0 0 0
FDSize: 32
Groups:
VmPeak: 7788 kB
VmSize: 7724 kB
VmLck: 0 kB
VmHWM: 2344 kB
VmRSS: 2344 kB
VmData: 476 kB
VmStk: 88 kB
VmExe: 312 kB
VmLib: 4032 kB
VmPTE: 16 kB
Threads: 1
SigQ: 0/1614
SigPnd: 0000000000000000
ShdPnd: 0000000000000000
SigBlk: 0000000000000000
SigIgn: 0000000000001000
SigCgt: 0000000000004001
CapInh: 0000000000000000
CapPrm: 00000000fffffeff
CapEff: 00000000fffffeff
Cpus_allowed: ff
Mems_allowed: 1
statm:
1931 size-------total program size
586 resident---resident set size
474 share------shared pages
78 text-------text (code)
0 lib--------library
141 data-------data/stack
0 dt---------dirty pages (unused in Linux 2.6)
Adica daca valorile pentru sshd sunt mici, atunci valorile pentru
telnetd sunt foarte mici.
> Chiar consuma mai putina memorie
De acord! dar tot nu se justifica crearea uneia dintre cele mai mari
bube de securitate prin folosirea unui protocol cleartext. Chiar daca
masina respectiva e intr-un LAN, probabil va fi intr-un LAN cu acces la
InterNet. Mai mult, daca masina respectiva are nevoie de putere de
calcul/memorie, probabil ca face ceva important. Vrei musai sa lasi pe
mana oricui trece de gateway acel ceva important? Situatia e cu atat mai
trista daca masina respectiva e direct conectata la InterNet.
Discutia ar putea continua si despre imap/pop3 servicii oferite la
greu in .ro (nici macar un https pt webmail).
Masina nu are este cea care iasa direct la internet, si de facut ceva
important mai mult decat sa asigure pentru o grupa de studenti acces
la un "lamp" si compilator de
"C sub un X"+joe nu face. Oricum mai sunt alte zeci de ochi in jur
care pot sa vada parolele direct in timp ce se tasteaza.
Nu stiu daca va fi "pornita" non stop sau decat 4 ore/saptamana cat
dureaze cursurile.
_______________________________________________
RLUG mailing list
RLUG@lists.lug.ro
http://lists.lug.ro/mailman/listinfo/rlug
