Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Josselin Mouette]

Le mercredi 13 avril 2011 à 10:51 +0100, Philip Hands a écrit : 
 Therefore, in the multi-partition setup, I think we should also default
 to having /tmp on tmpfs.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245465

-- 
 .''`.  Josselin Mouette
: :' :
`. `'  “If you behave this way because you are blackmailed by someone,
  `-[…] I will see what I can do for you.”  -- Jörg Schilling



signature.asc
Description: This is a digitally signed message part

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Goswin von Brederlow]

Roger Leigh rle...@codelibre.net writes:

 On Fri, Apr 15, 2011 at 04:41:56PM +0200, Goswin von Brederlow wrote:
 Roger Leigh rle...@codelibre.net writes:
 
  If it wasn't already clear, having /tmp as a tmpfs is a
  /configurable option/, and it is /not/ the default (except when
  root is read-only (ro) in fstab).
 
 I hope you check the fstab first. If there is a entry for a non tmpfs
 /tmp filesystem then that should be used. I'm assuming you do but just
 to be sure...

 No, we don't check.  It's up to the admin to configure their
 system properly.  If there is an entry in in fstab, it'll be
 mounted on top of the tmpfs, so the system will be configured
 the way they asked, but there will be a hidden tmpfs mount.
 But they would have explicitly needed to set RAMTMP=yes to get
 into this situation.

 For new installs, where the default /etc/default/rcS files does
 set RAMTMP=yes by default, the fstab file will not yet contain
 any user-specific mounts.  If they do want to manuall mount
 something on /tmp, then they simply set RAMTMP=no.

 Note this behaviour is exactly the same as existing practice for
 /dev/shm, /var/run and /var/lock.

Then I don't get your 'is /not/ the default (except when root is
read-only (ro) in fstab)'.

To me that reads like you will mount a tmpfs on /tmp if root is
read-only even if RAMTMP is not set. Which is wrong if the system has a
/tmp filesystem in /etc/fstab.

I already have a tmpfs for /tmp in my /etc/fstab and my root is
read-only. Does that then mean I do get 2 tmpfs mounted for /tmp, one
over the other?

Also mount -a (in mountall.sh) fails, and therefore the whole boot, if a
mountpoint already has something else mounted. If you unconditionally
mount a tmpfs on /tmp if root is read-only then you just made systems
unbootable that have /tmp in fstab. You do not get the behaviour you
describe above.

MfG
Goswin


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87oc464pie.fsf@frosties.localnet

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Sat, Apr 16, 2011 at 09:35:53AM +0200, Goswin von Brederlow wrote:
 Roger Leigh rle...@codelibre.net writes:
 
  On Fri, Apr 15, 2011 at 04:41:56PM +0200, Goswin von Brederlow wrote:
  Roger Leigh rle...@codelibre.net writes:
  
   If it wasn't already clear, having /tmp as a tmpfs is a
   /configurable option/, and it is /not/ the default (except when
   root is read-only (ro) in fstab).
  
  I hope you check the fstab first. If there is a entry for a non tmpfs
  /tmp filesystem then that should be used. I'm assuming you do but just
  to be sure...
 
  No, we don't check.  It's up to the admin to configure their
  system properly.  If there is an entry in in fstab, it'll be
  mounted on top of the tmpfs, so the system will be configured
  the way they asked, but there will be a hidden tmpfs mount.
  But they would have explicitly needed to set RAMTMP=yes to get
  into this situation.
 
  For new installs, where the default /etc/default/rcS files does
  set RAMTMP=yes by default, the fstab file will not yet contain
  any user-specific mounts.  If they do want to manuall mount
  something on /tmp, then they simply set RAMTMP=no.
 
  Note this behaviour is exactly the same as existing practice for
  /dev/shm, /var/run and /var/lock.
 
 Then I don't get your 'is /not/ the default (except when root is
 read-only (ro) in fstab)'.
 
 To me that reads like you will mount a tmpfs on /tmp if root is
 read-only even if RAMTMP is not set. Which is wrong if the system has a
 /tmp filesystem in /etc/fstab.

This is a good point.  I've added the ability to detect if a
filesystem will be mounted, and skip the tmpfs mount on /tmp if
an entry for /tmp exists in fstab (will_mount in
/lib/init/mount-functions.sh)

 Also mount -a (in mountall.sh) fails, and therefore the whole boot, if a
 mountpoint already has something else mounted. If you unconditionally
 mount a tmpfs on /tmp if root is read-only then you just made systems
 unbootable that have /tmp in fstab.

This is not correct.  Have you actually tried it?  I have, and other
than the cosmetic issue of having a real filesystem mounted over the
top of the tmpfs, the system is entirely functional, and boots error
free.  And with the above change, even this cosmetic issue is gone.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Philip Hands]

On Sat, 16 Apr 2011 09:17:04 +0200, Josselin Mouette j...@debian.org wrote:
 Le mercredi 13 avril 2011 à 10:51 +0100, Philip Hands a écrit : 
  Therefore, in the multi-partition setup, I think we should also default
  to having /tmp on tmpfs.
 
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245465

Ah, good point -- so rather than just chatting about this I should
probably get off my arse and start making some sort of contribution to
d-i.

I'll test your patch.

Cheers, Phil.
-- 
|)|  Philip Hands [+44 (0)20 8530 9560]http://www.hands.com/
|-|  HANDS.COM Ltd.http://www.uk.debian.org/
|(|  10 Onslow Gardens, South Woodford, London  E18 1NE  ENGLAND


pgp3SdiDFr41A.pgp
Description: PGP signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[rleigh]

On Sat, Apr 16, 2011 at 11:31:08AM +0100, Philip Hands wrote:
 On Sat, 16 Apr 2011 09:17:04 +0200, Josselin Mouette j...@debian.org wrote:
  Le mercredi 13 avril 2011 à 10:51 +0100, Philip Hands a écrit : 
   Therefore, in the multi-partition setup, I think we should also default
   to having /tmp on tmpfs.
  
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245465
 
 Ah, good point -- so rather than just chatting about this I should
 probably get off my arse and start making some sort of contribution to
 d-i.

By the way, now that initscripts has support for mounting tmpfs
on /tmp, all d-i needs to do is to set RUNTMP=yes when creating
/etc/default/rcS (it already needs to do this for UTC).  It
might also want to allow adjustment of the size set in
/etc/default/tmpfs and ensure there's sufficient swap space
configured, but it shouldn't actually require any fstab changes.
(Though the mount logic should let it pick up the mount options
from /etc/fstab, if present.)


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110416110822.gb13...@codelibre.net

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Goswin von Brederlow]

Roger Leigh rle...@codelibre.net writes:

 On Sat, Apr 16, 2011 at 09:35:53AM +0200, Goswin von Brederlow wrote:
 To me that reads like you will mount a tmpfs on /tmp if root is
 read-only even if RAMTMP is not set. Which is wrong if the system has a
 /tmp filesystem in /etc/fstab.

 This is a good point.  I've added the ability to detect if a
 filesystem will be mounted, and skip the tmpfs mount on /tmp if
 an entry for /tmp exists in fstab (will_mount in
 /lib/init/mount-functions.sh)

Thanks.

 Also mount -a (in mountall.sh) fails, and therefore the whole boot, if a
 mountpoint already has something else mounted. If you unconditionally
 mount a tmpfs on /tmp if root is read-only then you just made systems
 unbootable that have /tmp in fstab.

 This is not correct.  Have you actually tried it?  I have, and other
 than the cosmetic issue of having a real filesystem mounted over the
 top of the tmpfs, the system is entirely functional, and boots error
 free.  And with the above change, even this cosmetic issue is gone.

Hmm. This is strange. I extrapolated from my experience with proc
(#603858):

/proc/mounts: (proc mounted by initramfs-tools in the ramdisk)
none on /proc type proc (rw,relatime)

fstab:
proc/proc   procdefaults0   0

# mount -v -a -t nonfs,nfs4,smbfs,cifs,ncp,ncpfs,coda,ocfs2,gfs,gfs2 -O 
no_netdev
mount: proc already mounted or /proc busy
mount: according to mtab, none is already mounted on /proc
# echo $?
32


BUT:

/proc/mounts:
none on /tmp2 type tmpfs (rw,relatime)

fstab:
tmpfs   /tmp2   tmpfs   defaults0   0

# mount -v -a -t nonfs,nfs4,smbfs,cifs,ncp,ncpfs,coda,ocfs2,gfs,gfs2 -O 
no_netdev
tmpfs on /tmp2 type tmpfs (rw)
# echo $?
0


It seems like proc is a special case that doesn't allow mounting
something over it. With tmpfs it just mounts over the old entry. Sorry
for raising the alarm.

MfG
Goswin


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87oc46dqy2.fsf@frosties.localnet

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Thu, Apr 14, 2011 at 09:27:23AM -0400, Marvin Renich wrote:
 * Luca Capello l...@pca.it [110414 06:43]:
  Hi there!
  
  Disclaimer: this is my last post on this matter (i.e. the meaning of
  RAMLOCK), it seems there is a problem with myself or my understanding.
  
  Either I do not read `man rcS` as you read it or we do not understand
  each other, so here the situation before and after your patch for /run
  (/var/lock became useless, everything is in /run/lock now, but I kept
  using /var/lock for consistency with the previous state):
  
  [before] RAMLOCK=no  - /var/lock on the same filesystem /var is on
   RAMLOCK=yes - /var/lock on tmpfs
   [after] RAMLOCK=no  - /var/lock is on tmpfs, shared with /run (given
  that /var/lock is symlinked/bind-mounted to
  /run/lock)
   RAMLOCK=yes - /var/lock gets its own tmpfs, differently from
  the one mounted at /run
  
  So, the meaning of RAMLOCK, WRT `man rcS` and as I read it, *has*
  changed.  This is where we do not agree on wordings, but given that
  English is not my mother language, maybe it is only my fault.
  
  Thx, bye,
  Gismo / Luca
 
 Luca,
 
 It appears to me that you understand perfectly what RAMLOCK does.  Your
 issue appears to be with the wording of the man page.  To me (as a
 native English speaker) the wording is explicit about what will happen
 if you set RAMLOCK=yes (i.e. a tmpfs will be allocated and mounted at
 /var/lock--soon to be /run/lock), but is ambiguous as to what will
 happen if RAMLOCK=no.  The implicit meaning is that no tmpfs will be
 allocated _for /var/lock_ and it will be on the same file system as
 /var, whatever that may be (soon to be /run/lock and /run).  So the
 implicit behavior is that if RAMLOCK=no, and /var is a tmpfs, /var/lock
 will simply be a part of the tmpfs on /var.  This is indeed the current
 (pre-/run) behavior, and is exactly the same as what will soon be with
 /run.
 
 The current wording of the man page seems correct to me, even for the
 new /run directory structure (with appropriate changes from /var/lock to
 /run/lock), but some minor changes in wording would make the RAMLOCK=no
 behavior more explicit.  I would add the word separate and a sentence
 describing the behavior when RAMLOCK=no:
 
 Make /var/lock/ available as a separate ram file system (tmpfs).
 Will also disable cleaning of /var/lock/ during boot.  Set to 'yes'
 to enable, to 'no' to disable.  When 'no', /var/lock is on the same
 file system as /var.  The size of the tmpfs can be controlled using
 TMPFS_SIZE and LOCK_SIZE in /etc/default/tmpfs.  Because of this,
 packages can not expect directories in /var/lock to exist after
 boot.  Packages expecting this are buggy and need to be fixed.
 
 If you like this wording, you should file a wishlist bug on the
 initscripts package.  (I'm not going to because the current wording
 doesn't bother me.)

New text, which is hopefully clear enough:

RAMLOCK
  Make  /run/lock/ available as a ram file system (tmpfs).  Set to
  'yes' to enable, to 'no' to disable (defaults to yes).  The size
  of the tmpfs can be controlled using TMPFS_SIZE and LOCK_SIZE in
  /etc/default/tmpfs.  Note  that  irrespective  of  this  setting
  /run/lock  will  be  located  on  a tmpfs, either one mounted on
  /run/lock (if RAMLOCK=yes)  or  one  mounted  on  /run  (if RAM‐
  LOCK=no),  and as a result the contents of /var/lock will always
  be lost on system reboot, and it  it  is  no  longer  explicitly
  cleaned  at  boot.   Because  of  this,  packages can not expect
  directories in /var/lock to exist after boot.  Packages  expect‐
  ing  this  are  buggy and need to be fixed.  Note that /run/lock
  was previously /var/lock, and a compatibility  symlink  or  bind
  mount will be created to allow the old path to continue to func‐
  tion.

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Bastien ROUCARIES]

 New text, which is hopefully clear enough:

 RAMLOCK
  Make  /run/lock/ available as a ram file system (tmpfs).  Set to
  'yes' to enable, to 'no' to disable (defaults to yes).  The size
  of the tmpfs can be controlled using TMPFS_SIZE and LOCK_SIZE in
  /etc/default/tmpfs.  Note  that  irrespective  of  this  setting
  /run/lock  will  be  located  on  a tmpfs, either one mounted on
  /run/lock (if RAMLOCK=yes)  or  one  mounted  on  /run  (if RAM‐
  LOCK=no),  and as a result the contents of /var/lock will always
  be lost on system reboot, and it  it  is  no  longer  explicitly
  cleaned  at  boot.   Because  of  this,  packages can not expect
  directories in /var/lock to exist after boot.  Packages  expect‐
  ing  this  are  buggy and need to be fixed.  Note that /run/lock
  was previously /var/lock, and a compatibility  symlink  or  bind
  mount will be created to allow the old path to continue to func‐
  tion.

In all the case could we create a mount point for /run/lock ?
A bind mount for disk based and a true mount for ramfs ?

Bastien


--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/BANLkTi=fkwvx+muhzb4hdjxhdo8-ecv...@mail.gmail.com

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Fri, Apr 15, 2011 at 12:58:19PM +0200, Bastien ROUCARIES wrote:
  New text, which is hopefully clear enough:
 
  RAMLOCK
   Make  /run/lock/ available as a ram file system (tmpfs).  Set to
   'yes' to enable, to 'no' to disable (defaults to yes).  The size
   of the tmpfs can be controlled using TMPFS_SIZE and LOCK_SIZE in
   /etc/default/tmpfs.  Note  that  irrespective  of  this  setting
   /run/lock  will  be  located  on  a tmpfs, either one mounted on
   /run/lock (if RAMLOCK=yes)  or  one  mounted  on  /run  (if RAM‐
   LOCK=no),  and as a result the contents of /var/lock will always
   be lost on system reboot, and it  it  is  no  longer  explicitly
   cleaned  at  boot.   Because  of  this,  packages can not expect
   directories in /var/lock to exist after boot.  Packages  expect‐
   ing  this  are  buggy and need to be fixed.  Note that /run/lock
   was previously /var/lock, and a compatibility  symlink  or  bind
   mount will be created to allow the old path to continue to func‐
   tion.
 
 In all the case could we create a mount point for /run/lock ?
 A bind mount for disk based and a true mount for ramfs ?

Sorry, but I'm not sure I get what you're saying here.  Could you
rephrase it more clearly?


Thanks,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Goswin von Brederlow]

Bastien ROUCARIES roucaries.bast...@gmail.com writes:

 On Thu, Apr 14, 2011 at 4:20 AM, Karl Goetz k...@kgoetz.id.au wrote:
 On Wed, 13 Apr 2011 10:32:42 +0100
 Roger Leigh rle...@codelibre.net wrote:

 On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:

 Following the discussion yesterday, I'd like to propose doing
 something like the example below.  It's possible to size a tmpfs
 as a percentage of core memory, the default being -o size=50%.
 Rather than setting an absolute value, we can size e.g. /run
 as a percentage of total memory, which should scale with /run
 usage better than a fixed value.

 Proposal:
 [...]
 /run/shm: No default (use general tmpfs default of 20%)
 /tmp: No default (use general tmpfs default of 20%)

 20% doesn't seem like a lot for /tmp when people try and compile
 something. While its not something most people end up doing, it does
 seem odd to make people change their tempfs size before they can start
 building packages for debian/themselves.
 just a thought,

 And moreover for scientific computation /tmp need to be on an
 harddisk. I do not want my 16GiB matric to go to memory when I have
 only 8GiB of RAM

 Please do not put /tmp on tmpfs use a bind mount of a rw partition

 Bastien

Then you wouldn't be setting RAMTMP (or whatever the variable is
called).

MfG
Goswin


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87y63bk29p.fsf@frosties.localnet

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Goswin von Brederlow]

Roger Leigh rle...@codelibre.net writes:

 On Thu, Apr 14, 2011 at 10:44:08AM +0200, Bastien ROUCARIES wrote:
 On Thu, Apr 14, 2011 at 4:20 AM, Karl Goetz k...@kgoetz.id.au wrote:
  On Wed, 13 Apr 2011 10:32:42 +0100
  Roger Leigh rle...@codelibre.net wrote:
 
  On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:
 
  Following the discussion yesterday, I'd like to propose doing
  something like the example below.  It's possible to size a tmpfs
  as a percentage of core memory, the default being -o size=50%.
  Rather than setting an absolute value, we can size e.g. /run
  as a percentage of total memory, which should scale with /run
  usage better than a fixed value.
 
  Proposal:
  [...]
  /run/shm: No default (use general tmpfs default of 20%)
  /tmp: No default (use general tmpfs default of 20%)
 
  20% doesn't seem like a lot for /tmp when people try and compile
  something. While its not something most people end up doing, it does
  seem odd to make people change their tempfs size before they can start
  building packages for debian/themselves.
  just a thought,
 
 And moreover for scientific computation /tmp need to be on an
 harddisk. I do not want my 16GiB matric to go to memory when I have
 only 8GiB of RAM
 
 Please do not put /tmp on tmpfs use a bind mount of a rw partition

 If it wasn't already clear, having /tmp as a tmpfs is a
 /configurable option/, and it is /not/ the default (except when
 root is read-only (ro) in fstab).

I hope you check the fstab first. If there is a entry for a non tmpfs
/tmp filesystem then that should be used. I'm assuming you do but just
to be sure...

MfG
Goswin


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87tydzk24r.fsf@frosties.localnet

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Goswin von Brederlow]

John D. Hendrickson and Sara Darnell johnandsa...@cox.net writes:

 I'm reading (can't spend allot of time though, I'll try)
   initscripts_2.88dsf-13.3_amd64.deb
   sysvinit_2.88dsf-13.3.dsc

 I'm thinking (I'm not sure) that Bastien is working on this.  He'd
 mentioned issues between sysinit and running on certain vservers.

 While reading scripts it reminded me, /etc/default, I have an older
 bug / comment to mention!  There shouldn't be any magic in
 /etc/default.

 It's a bad practice to have magic in /etc/default.  Any magic an init
 script needs to remain right in the init script itself.  Why?

   1) so the two are never separated
   2) so a lack of defaults doesn't ammount to broken initscript
   3) so if I use MY init script, or an older one, it is not foo'd

 thanks I hope that helps anyone :)

 John

Like using a construct like this?

# Set default values
# Do not change them here, edit /etc/default/foo to customize

FOO=42
BAR=23

# Source customization
[ -f /etc/default/foo ]  . /etc/default/foo


Is what you mean? At least for variable where being empty isn't a sane
default.

MfG
Goswin


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87pqonk1ys.fsf@frosties.localnet

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Fri, Apr 15, 2011 at 04:41:56PM +0200, Goswin von Brederlow wrote:
 Roger Leigh rle...@codelibre.net writes:
 
  If it wasn't already clear, having /tmp as a tmpfs is a
  /configurable option/, and it is /not/ the default (except when
  root is read-only (ro) in fstab).
 
 I hope you check the fstab first. If there is a entry for a non tmpfs
 /tmp filesystem then that should be used. I'm assuming you do but just
 to be sure...

No, we don't check.  It's up to the admin to configure their
system properly.  If there is an entry in in fstab, it'll be
mounted on top of the tmpfs, so the system will be configured
the way they asked, but there will be a hidden tmpfs mount.
But they would have explicitly needed to set RAMTMP=yes to get
into this situation.

For new installs, where the default /etc/default/rcS files does
set RAMTMP=yes by default, the fstab file will not yet contain
any user-specific mounts.  If they do want to manuall mount
something on /tmp, then they simply set RAMTMP=no.

Note this behaviour is exactly the same as existing practice for
/dev/shm, /var/run and /var/lock.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Edward Allcutt]

On Fri, 15 Apr 2011, Roger Leigh wrote:

For new installs, where the default /etc/default/rcS files does
set RAMTMP=yes by default, the fstab file will not yet contain
any user-specific mounts.  If they do want to manuall mount
something on /tmp, then they simply set RAMTMP=no.


Hopefully you don't set RAMTMP=yes on new installs where a /tmp partition
has been configured (and thus will be in fstab)?

--
Edward Allcutt


--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/alpine.deb.2.00.1104151605100.30...@pandora.retrosnub.co.uk

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Bastien ROUCARIES]

On Thu, Apr 14, 2011 at 4:20 AM, Karl Goetz k...@kgoetz.id.au wrote:
 On Wed, 13 Apr 2011 10:32:42 +0100
 Roger Leigh rle...@codelibre.net wrote:

 On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:

 Following the discussion yesterday, I'd like to propose doing
 something like the example below.  It's possible to size a tmpfs
 as a percentage of core memory, the default being -o size=50%.
 Rather than setting an absolute value, we can size e.g. /run
 as a percentage of total memory, which should scale with /run
 usage better than a fixed value.

 Proposal:
 [...]
 /run/shm: No default (use general tmpfs default of 20%)
 /tmp: No default (use general tmpfs default of 20%)

 20% doesn't seem like a lot for /tmp when people try and compile
 something. While its not something most people end up doing, it does
 seem odd to make people change their tempfs size before they can start
 building packages for debian/themselves.
 just a thought,

And moreover for scientific computation /tmp need to be on an
harddisk. I do not want my 16GiB matric to go to memory when I have
only 8GiB of RAM

Please do not put /tmp on tmpfs use a bind mount of a rw partition

Bastien

 kk

 --
 Karl Goetz, (Kamping_Kaiser / VK5FOSS)
 Debian contributor / gNewSense Maintainer
 http://www.kgoetz.id.au
 No, I won't join your social networking group



--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/BANLkTim8WEMBGzorTV=obey7ihxt9kq...@mail.gmail.com

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Lars Wirzenius]

On to, 2011-04-14 at 10:44 +0200, Bastien ROUCARIES wrote:
 And moreover for scientific computation /tmp need to be on an
 harddisk. I do not want my 16GiB matric to go to memory when I have
 only 8GiB of RAM

That sounds like you'd be better off using /var/tmp instead, actually.

 Please do not put /tmp on tmpfs use a bind mount of a rw partition

No configuration for /tmp is going to be suitable for every purpose, I'm
afraid. That's why it's so great that we have a standard way of
overriding the location for temporary files: $TMPDIR.

(Me, I'd quite like to see /tmp go away completely.)

-- 
Blog/wiki/website hosting with ikiwiki (free for free software):
http://www.branchable.com/


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/1302772324.2921.17.ca...@havelock.liw.fi

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Thu, Apr 14, 2011 at 10:44:08AM +0200, Bastien ROUCARIES wrote:
 On Thu, Apr 14, 2011 at 4:20 AM, Karl Goetz k...@kgoetz.id.au wrote:
  On Wed, 13 Apr 2011 10:32:42 +0100
  Roger Leigh rle...@codelibre.net wrote:
 
  On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:
 
  Following the discussion yesterday, I'd like to propose doing
  something like the example below.  It's possible to size a tmpfs
  as a percentage of core memory, the default being -o size=50%.
  Rather than setting an absolute value, we can size e.g. /run
  as a percentage of total memory, which should scale with /run
  usage better than a fixed value.
 
  Proposal:
  [...]
  /run/shm: No default (use general tmpfs default of 20%)
  /tmp: No default (use general tmpfs default of 20%)
 
  20% doesn't seem like a lot for /tmp when people try and compile
  something. While its not something most people end up doing, it does
  seem odd to make people change their tempfs size before they can start
  building packages for debian/themselves.
  just a thought,
 
 And moreover for scientific computation /tmp need to be on an
 harddisk. I do not want my 16GiB matric to go to memory when I have
 only 8GiB of RAM
 
 Please do not put /tmp on tmpfs use a bind mount of a rw partition

If it wasn't already clear, having /tmp as a tmpfs is a
/configurable option/, and it is /not/ the default (except when
root is read-only (ro) in fstab).


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Adam Borowski]

On Thu, Apr 14, 2011 at 11:50:52AM +0930, Karl Goetz wrote:
 On Wed, 13 Apr 2011 10:32:42 +0100
 Roger Leigh rle...@codelibre.net wrote:
  Proposal:
 [...]
  /tmp: No default (use general tmpfs default of 20%)
 
 20% doesn't seem like a lot for /tmp when people try and compile
 something. While its not something most people end up doing, it does
 seem odd to make people change their tempfs size before they can start
 building packages for debian/themselves.

Yeah, especially on small systems.

What about using the size of swap instead?  Heck, if RAM is not tight, even
100% of swap could be a good default maximum.  Of course, no swap would mean
/tmp on a slow general-purpose filesystem.

-- 
1KB // Microsoft corollary to Hanlon's razor:
//  Never attribute to stupidity what can be
//  adequately explained by malice.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Bastien ROUCARIES]

On Thu, Apr 14, 2011 at 11:15 AM, Roger Leigh rle...@codelibre.net wrote:
 On Thu, Apr 14, 2011 at 10:44:08AM +0200, Bastien ROUCARIES wrote:
 On Thu, Apr 14, 2011 at 4:20 AM, Karl Goetz k...@kgoetz.id.au wrote:
  On Wed, 13 Apr 2011 10:32:42 +0100
  Roger Leigh rle...@codelibre.net wrote:
 
  On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:
 
  Following the discussion yesterday, I'd like to propose doing
  something like the example below.  It's possible to size a tmpfs
  as a percentage of core memory, the default being -o size=50%.
  Rather than setting an absolute value, we can size e.g. /run
  as a percentage of total memory, which should scale with /run
  usage better than a fixed value.
 
  Proposal:
  [...]
  /run/shm: No default (use general tmpfs default of 20%)
  /tmp: No default (use general tmpfs default of 20%)
 
  20% doesn't seem like a lot for /tmp when people try and compile
  something. While its not something most people end up doing, it does
  seem odd to make people change their tempfs size before they can start
  building packages for debian/themselves.
  just a thought,

 And moreover for scientific computation /tmp need to be on an
 harddisk. I do not want my 16GiB matric to go to memory when I have
 only 8GiB of RAM

 Please do not put /tmp on tmpfs use a bind mount of a rw partition

 If it wasn't already clear, having /tmp as a tmpfs is a
 /configurable option/, and it is /not/ the default (except when
 root is read-only (ro) in fstab).

Could you bind mount /var/tmp under /tmp in this case ?

Bastien that use is android phone sometime to solve math problem...



 Regards,
 Roger

 --
  .''`.  Roger Leigh
  : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
  `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.

 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.10 (GNU/Linux)

 iEYEARECAAYFAk2muxsACgkQVcFcaSW/uEjw7gCgkYgVs+3SvHhF+8Sgk4SboCQF
 thgAn38DpDR+iJCv7YdlzTA1nBEfgb8G
 =2T+k
 -END PGP SIGNATURE-




--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/banlktinows0wv7zuhrfdpub6g_2qbu8...@mail.gmail.com

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Bastien ROUCARIES]

On Thu, Apr 14, 2011 at 11:32 AM, Bastien ROUCARIES
roucaries.bast...@gmail.com wrote:
 On Thu, Apr 14, 2011 at 11:15 AM, Roger Leigh rle...@codelibre.net wrote:
 On Thu, Apr 14, 2011 at 10:44:08AM +0200, Bastien ROUCARIES wrote:
 On Thu, Apr 14, 2011 at 4:20 AM, Karl Goetz k...@kgoetz.id.au wrote:
  On Wed, 13 Apr 2011 10:32:42 +0100
  Roger Leigh rle...@codelibre.net wrote:
 
  On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:
 
  Following the discussion yesterday, I'd like to propose doing
  something like the example below.  It's possible to size a tmpfs
  as a percentage of core memory, the default being -o size=50%.
  Rather than setting an absolute value, we can size e.g. /run
  as a percentage of total memory, which should scale with /run
  usage better than a fixed value.
 
  Proposal:
  [...]
  /run/shm: No default (use general tmpfs default of 20%)
  /tmp: No default (use general tmpfs default of 20%)
 
  20% doesn't seem like a lot for /tmp when people try and compile
  something. While its not something most people end up doing, it does
  seem odd to make people change their tempfs size before they can start
  building packages for debian/themselves.
  just a thought,

 And moreover for scientific computation /tmp need to be on an
 harddisk. I do not want my 16GiB matric to go to memory when I have
 only 8GiB of RAM

 Please do not put /tmp on tmpfs use a bind mount of a rw partition

 If it wasn't already clear, having /tmp as a tmpfs is a
 /configurable option/, and it is /not/ the default (except when
 root is read-only (ro) in fstab).

 Could you bind mount /var/tmp under /tmp in this case ?

And BTW it seems that since 2.6.14 (subtree bind mount) we could also
mount bind mount of /tmp as noexec nosuid...

Need to test but could work and improve your security

Bastien

 Bastien that use is android phone sometime to solve math problem...



 Regards,
 Roger

 --
  .''`.  Roger Leigh
  : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
  `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.

 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.10 (GNU/Linux)

 iEYEARECAAYFAk2muxsACgkQVcFcaSW/uEjw7gCgkYgVs+3SvHhF+8Sgk4SboCQF
 thgAn38DpDR+iJCv7YdlzTA1nBEfgb8G
 =2T+k
 -END PGP SIGNATURE-





--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/banlktinlpf7u-9b7drrzhm_55skczbw...@mail.gmail.com

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Luca Capello]

Hi there!

Disclaimer: this is my last post on this matter (i.e. the meaning of
RAMLOCK), it seems there is a problem with myself or my understanding.

On Tue, 12 Apr 2011 23:42:58 +0200, Roger Leigh wrote:
 On Tue, Apr 12, 2011 at 10:35:37PM +0200, Luca Capello wrote:
 On Tue, 12 Apr 2011 20:47:35 +0200, Roger Leigh wrote:
  On Tue, Apr 12, 2011 at 08:12:21PM +0200, Luca Capello wrote:
  Currently, `man rcS` gives:
  
RAMLOCK
Make /var/lock/ available as a ram file system (tmpfs).
[...]
 Again, I found it changed: how can you define LOCK_SIZE if /run/lock is
 on the same tmpfs than /run?

 If you set RAMLOCK=yes, then /run/lock is a *separate* tmpfs
 of size LOCK_SIZE, *exactly* like the /var/lock tmpfs mount
 (it's the same code with s/var/run/g).  So the actual behaviour of this
 option is entirely unchanged bar the switch from /var/lock to
 /run/lock.

 So by default, /run and /run/lock are on the same tmpfs.  But
 if you set RAMLOCK=yes, you'll get a second tmpfs mounted on
 /run/lock.  So yes, /run/lock will always be on a tmpfs filesystem,
 that's obviously the main point of the patch.

Either I do not read `man rcS` as you read it or we do not understand
each other, so here the situation before and after your patch for /run
(/var/lock became useless, everything is in /run/lock now, but I kept
using /var/lock for consistency with the previous state):

[before] RAMLOCK=no  - /var/lock on the same filesystem /var is on
 RAMLOCK=yes - /var/lock on tmpfs
 [after] RAMLOCK=no  - /var/lock is on tmpfs, shared with /run (given
that /var/lock is symlinked/bind-mounted to
/run/lock)
 RAMLOCK=yes - /var/lock gets its own tmpfs, differently from
the one mounted at /run

So, the meaning of RAMLOCK, WRT `man rcS` and as I read it, *has*
changed.  This is where we do not agree on wordings, but given that
English is not my mother language, maybe it is only my fault.

Thx, bye,
Gismo / Luca


pgpinr9sbLCVE.pgp
Description: PGP signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Luca Capello]

Hi there!

Just to be sure everyone gets it correctly...

On Thu, 14 Apr 2011 11:15:07 +0200, Roger Leigh wrote:
 If it wasn't already clear, having /tmp as a tmpfs is a
 /configurable option/, and it is /not/ the default (except when
 root is read-only (ro) in fstab).

Sorry, having /tmp as a tmpfs can be ATM set *manually* (i.e. not
managed by any Debian configuration file), I have asked for having
RAMTMP quite a long time ago, but I have been ignored since then:

  http://bugs.debian.org/402828

On Wed, 13 Apr 2011 14:49:15 +0200, Roger Leigh wrote:
 I would very much appreciate it if anyone could take the time to
 install the new initscripts and test it out.

 http://people.debian.org/~rleigh/run/sysvinit_2.88dsf-13.3.dsc
 http://people.debian.org/~rleigh/run/initscripts_2.88dsf-13.3_amd64.deb
[...]
 So, by default, you get (separate tmpfs mounts):
 /run
 /run/shm
 /lib/init/rw

 (RAMLOCK=no, RAMSHM=yes, RAMTMP=no)

Bingo, thank you for finally supporting RAMTMP :-)

However, as I was discussing at [1], I still think that RAMLOCK and
RAMSHM are misleading names and they should be something like
LOCK_OWN_TMPFS and SHM_OWN_TMPFS.  RUNLOCK and RUNSHM would have been
better, but this would mean that RUNLOCK=yes by default.

[1] http://lists.debian.org/msgid-search/%3c8739ln6wdi.fsf%40gismo.pca.it%3e

 For additional safety and security, it's possible to mount everything
 as separate tmpfs filesystems:

 /run
 /run/shm
 /run/lock
 /lib/init/rw
 /tmp

 (RAMLOCK=yes, RAMSHM=yes, RAMTMP=yes).  This lets one have separate
 size limits and mount modes for each mount.

 Alternatively, it's possible to have everything on a single /run
 tmpfs, including /tmp (excluding /lib/init/rw, which will be
 removed soon):

 /run
 /lib/init/rw
 /tmp → /run/tmp

 (RAMLOCK=no, RAMSHM=no, RAMTMP=no).  Note that /tmp was symlinked
 to /run/tmp prior to restarting, and /run/tmp was created by the
 init scripts (mountkernfs).  The symlink needs creating by hand
 should you wish to do this.  Having /tmp as a symlink can be used
 whatever the setting of RAMTMP, so you could have a tmpfs mounted
 on /run/tmp if you chose.

Sorry, but why does using RAMSHM=no causes /tmp to be a symlink?  AFAIK
these are two different and unrelated things.

Continuing the very same comment above on variable names, while we are
at it and if this could be a (sort of) common setup, could we add
support for something like RUNTMP, i.e. symling /tmp to /run/tmp?

Thx, bye,
Gismo / Luca


pgpDzeMdwKQ29.pgp
Description: PGP signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[John D. Hendrickson and Sara Darnell]

fuser(1)

In the postinst (or other) it seems you wish to know if your impacting 
things, are not all sure about the vserver situation, and are using 
stat(1) and test -L and etc.


You might try fuser(1) so you are sure if /var/run will impact something.


Luca Capello wrote:

Hi there!

Disclaimer: this is my last post on this matter (i.e. the meaning of
RAMLOCK), it seems there is a problem with myself or my understanding.

On Tue, 12 Apr 2011 23:42:58 +0200, Roger Leigh wrote:

On Tue, Apr 12, 2011 at 10:35:37PM +0200, Luca Capello wrote:

On Tue, 12 Apr 2011 20:47:35 +0200, Roger Leigh wrote:

On Tue, Apr 12, 2011 at 08:12:21PM +0200, Luca Capello wrote:

Currently, `man rcS` gives:

RAMLOCK
Make /var/lock/ available as a ram file system (tmpfs).

[...]

Again, I found it changed: how can you define LOCK_SIZE if /run/lock is
on the same tmpfs than /run?

If you set RAMLOCK=yes, then /run/lock is a *separate* tmpfs
of size LOCK_SIZE, *exactly* like the /var/lock tmpfs mount
(it's the same code with s/var/run/g).  So the actual behaviour of this
option is entirely unchanged bar the switch from /var/lock to
/run/lock.

So by default, /run and /run/lock are on the same tmpfs.  But
if you set RAMLOCK=yes, you'll get a second tmpfs mounted on
/run/lock.  So yes, /run/lock will always be on a tmpfs filesystem,
that's obviously the main point of the patch.


Either I do not read `man rcS` as you read it or we do not understand
each other, so here the situation before and after your patch for /run
(/var/lock became useless, everything is in /run/lock now, but I kept
using /var/lock for consistency with the previous state):

[before] RAMLOCK=no  - /var/lock on the same filesystem /var is on
 RAMLOCK=yes - /var/lock on tmpfs
 [after] RAMLOCK=no  - /var/lock is on tmpfs, shared with /run (given
that /var/lock is symlinked/bind-mounted to
/run/lock)
 RAMLOCK=yes - /var/lock gets its own tmpfs, differently from
the one mounted at /run

So, the meaning of RAMLOCK, WRT `man rcS` and as I read it, *has*
changed.  This is where we do not agree on wordings, but given that
English is not my mother language, maybe it is only my fault.

Thx, bye,
Gismo / Luca



--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4da6f023.4010...@cox.net

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[John D. Hendrickson and Sara Darnell]

I'm reading (can't spend allot of time though, I'll try)
initscripts_2.88dsf-13.3_amd64.deb
sysvinit_2.88dsf-13.3.dsc

I'm thinking (I'm not sure) that Bastien is working on this.  He'd 
mentioned issues between sysinit and running on certain vservers.


While reading scripts it reminded me, /etc/default, I have an older bug 
/ comment to mention!  There shouldn't be any magic in /etc/default.


It's a bad practice to have magic in /etc/default.  Any magic an init 
script needs to remain right in the init script itself.  Why?


1) so the two are never separated
2) so a lack of defaults doesn't ammount to broken initscript
3) so if I use MY init script, or an older one, it is not foo'd

thanks I hope that helps anyone :)

John


Bastien ROUCARIES wrote:

On Thu, Apr 14, 2011 at 4:20 AM, Karl Goetz k...@kgoetz.id.au wrote:

On Wed, 13 Apr 2011 10:32:42 +0100
Roger Leigh rle...@codelibre.net wrote:


On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:
Following the discussion yesterday, I'd like to propose doing
something like the example below.  It's possible to size a tmpfs
as a percentage of core memory, the default being -o size=50%.
Rather than setting an absolute value, we can size e.g. /run
as a percentage of total memory, which should scale with /run
usage better than a fixed value.

Proposal:

[...]

/run/shm: No default (use general tmpfs default of 20%)
/tmp: No default (use general tmpfs default of 20%)

20% doesn't seem like a lot for /tmp when people try and compile
something. While its not something most people end up doing, it does
seem odd to make people change their tempfs size before they can start
building packages for debian/themselves.
just a thought,


And moreover for scientific computation /tmp need to be on an
harddisk. I do not want my 16GiB matric to go to memory when I have
only 8GiB of RAM

Please do not put /tmp on tmpfs use a bind mount of a rw partition

Bastien


kk

--
Karl Goetz, (Kamping_Kaiser / VK5FOSS)
Debian contributor / gNewSense Maintainer
http://www.kgoetz.id.au
No, I won't join your social networking group







--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4da6edf2.1080...@cox.net

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[John D. Hendrickson and Sara Darnell]

I've noticed I have to check /etc carefully.

Some rc.d scripts that packages install edit and or activate things in 
/etc (they make insertions into automatically actived scripts in /etc 
for ssh, ppp, perl, network (pre-ifupdown or what), exim, things or 
other possible phone home things).  While most or all are innoculous 
(some DO look suspect) I don't allow that on my box - I boot thin is 
why.  And whenever there is somethign I read it to see why I must run 
it.  Due to that I use some of my own init scripts which are slackware 
or potatoe scripts :)



Luca Capello wrote:

Hi there!

Disclaimer: this is my last post on this matter (i.e. the meaning of
RAMLOCK), it seems there is a problem with myself or my understanding.

On Tue, 12 Apr 2011 23:42:58 +0200, Roger Leigh wrote:

On Tue, Apr 12, 2011 at 10:35:37PM +0200, Luca Capello wrote:

On Tue, 12 Apr 2011 20:47:35 +0200, Roger Leigh wrote:

On Tue, Apr 12, 2011 at 08:12:21PM +0200, Luca Capello wrote:

Currently, `man rcS` gives:

RAMLOCK
Make /var/lock/ available as a ram file system (tmpfs).

[...]

Again, I found it changed: how can you define LOCK_SIZE if /run/lock is
on the same tmpfs than /run?

If you set RAMLOCK=yes, then /run/lock is a *separate* tmpfs
of size LOCK_SIZE, *exactly* like the /var/lock tmpfs mount
(it's the same code with s/var/run/g).  So the actual behaviour of this
option is entirely unchanged bar the switch from /var/lock to
/run/lock.

So by default, /run and /run/lock are on the same tmpfs.  But
if you set RAMLOCK=yes, you'll get a second tmpfs mounted on
/run/lock.  So yes, /run/lock will always be on a tmpfs filesystem,
that's obviously the main point of the patch.


Either I do not read `man rcS` as you read it or we do not understand
each other, so here the situation before and after your patch for /run
(/var/lock became useless, everything is in /run/lock now, but I kept
using /var/lock for consistency with the previous state):

[before] RAMLOCK=no  - /var/lock on the same filesystem /var is on
 RAMLOCK=yes - /var/lock on tmpfs
 [after] RAMLOCK=no  - /var/lock is on tmpfs, shared with /run (given
that /var/lock is symlinked/bind-mounted to
/run/lock)
 RAMLOCK=yes - /var/lock gets its own tmpfs, differently from
the one mounted at /run

So, the meaning of RAMLOCK, WRT `man rcS` and as I read it, *has*
changed.  This is where we do not agree on wordings, but given that
English is not my mother language, maybe it is only my fault.

Thx, bye,
Gismo / Luca



--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4da6f3b8.8050...@cox.net

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Marvin Renich]

* Luca Capello l...@pca.it [110414 06:43]:
 Hi there!
 
 Disclaimer: this is my last post on this matter (i.e. the meaning of
 RAMLOCK), it seems there is a problem with myself or my understanding.
 
 Either I do not read `man rcS` as you read it or we do not understand
 each other, so here the situation before and after your patch for /run
 (/var/lock became useless, everything is in /run/lock now, but I kept
 using /var/lock for consistency with the previous state):
 
 [before] RAMLOCK=no  - /var/lock on the same filesystem /var is on
  RAMLOCK=yes - /var/lock on tmpfs
  [after] RAMLOCK=no  - /var/lock is on tmpfs, shared with /run (given
 that /var/lock is symlinked/bind-mounted to
 /run/lock)
  RAMLOCK=yes - /var/lock gets its own tmpfs, differently from
 the one mounted at /run
 
 So, the meaning of RAMLOCK, WRT `man rcS` and as I read it, *has*
 changed.  This is where we do not agree on wordings, but given that
 English is not my mother language, maybe it is only my fault.
 
 Thx, bye,
 Gismo / Luca

Luca,

It appears to me that you understand perfectly what RAMLOCK does.  Your
issue appears to be with the wording of the man page.  To me (as a
native English speaker) the wording is explicit about what will happen
if you set RAMLOCK=yes (i.e. a tmpfs will be allocated and mounted at
/var/lock--soon to be /run/lock), but is ambiguous as to what will
happen if RAMLOCK=no.  The implicit meaning is that no tmpfs will be
allocated _for /var/lock_ and it will be on the same file system as
/var, whatever that may be (soon to be /run/lock and /run).  So the
implicit behavior is that if RAMLOCK=no, and /var is a tmpfs, /var/lock
will simply be a part of the tmpfs on /var.  This is indeed the current
(pre-/run) behavior, and is exactly the same as what will soon be with
/run.

The current wording of the man page seems correct to me, even for the
new /run directory structure (with appropriate changes from /var/lock to
/run/lock), but some minor changes in wording would make the RAMLOCK=no
behavior more explicit.  I would add the word separate and a sentence
describing the behavior when RAMLOCK=no:

Make /var/lock/ available as a separate ram file system (tmpfs).
Will also disable cleaning of /var/lock/ during boot.  Set to 'yes'
to enable, to 'no' to disable.  When 'no', /var/lock is on the same
file system as /var.  The size of the tmpfs can be controlled using
TMPFS_SIZE and LOCK_SIZE in /etc/default/tmpfs.  Because of this,
packages can not expect directories in /var/lock to exist after
boot.  Packages expecting this are buggy and need to be fixed.

If you like this wording, you should file a wishlist bug on the
initscripts package.  (I'm not going to because the current wording
doesn't bother me.)

...Marvin


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110414132723.ga3...@cleo.wdw

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Philip Hands]

On Thu, 14 Apr 2011 10:15:07 +0100, Roger Leigh rle...@codelibre.net wrote:
 On Thu, Apr 14, 2011 at 10:44:08AM +0200, Bastien ROUCARIES wrote:
  On Thu, Apr 14, 2011 at 4:20 AM, Karl Goetz k...@kgoetz.id.au wrote:
   On Wed, 13 Apr 2011 10:32:42 +0100
   Roger Leigh rle...@codelibre.net wrote:
  
   On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:
  
   Following the discussion yesterday, I'd like to propose doing
   something like the example below.  It's possible to size a tmpfs
   as a percentage of core memory, the default being -o size=50%.
   Rather than setting an absolute value, we can size e.g. /run
   as a percentage of total memory, which should scale with /run
   usage better than a fixed value.
  
   Proposal:
   [...]
   /run/shm: No default (use general tmpfs default of 20%)
   /tmp: No default (use general tmpfs default of 20%)
  
   20% doesn't seem like a lot for /tmp when people try and compile
   something. While its not something most people end up doing, it does
   seem odd to make people change their tempfs size before they can start
   building packages for debian/themselves.
   just a thought,
  
  And moreover for scientific computation /tmp need to be on an
  harddisk. I do not want my 16GiB matric to go to memory when I have
  only 8GiB of RAM
  
  Please do not put /tmp on tmpfs use a bind mount of a rw partition
 
 If it wasn't already clear, having /tmp as a tmpfs is a
 /configurable option/, and it is /not/ the default (except when
 root is read-only (ro) in fstab).

I think that may have been in response to my suggestion that d-i should
set that option in the case when people select a multi-partition
install, using some or all of the space for that would have been used
for the tmp partition as additional swap.

It strikes me that in Bastien's example of having huge arrays on /tmp,
that allocating the 16G+ that was being allocated to /tmp as additional
swap would likely result in either no change, or in fact a speedup,
since the kernel can be more relaxed about pushing the writes out to
disk when it's doing it as swap, but I've not tested that, so I may be
wrong.

If the data he's talking about is at all compressible, adding compcache
to the mix might make things much faster for him in this setup, which
wouldn't help at all if he was still putting the data on a disk
partition based /tmp.

We should probably run tests on all these cases that people seem to be
blithely assuming would be slower.  Having run all my systems with tmpfs
/tmp for some time, I've never seen any negative impact, and often it's
clearly faster.  It also ensures that things like laptops don't need to
spin up their drives as often.

In short, I'm wondering why we don't just say that the default be to
have a tmpfs /tmp, set to be about as big as we would have set it if it
was on disk, and backed by enough extra swap to ensure that we're no
more likely to run out of RAM, and allow people to switch it off if they
don't like it, probably via a debconf question that modifies the choices
that we make for partition and swap sizing during installs.

The only problem I can see might be that things that munch their way
through memory (earlier versions of iceweasel come to mind) will take
much longer to bump into limits if we have too much swap, and so will
cause machines to grind to a halt as they swap all the drivel they've
filled memory with.  Not that having less swap made that much less
painful -- more recent versions of iceweasel seem rather better though,
so perhaps we should not pander to broken software in our choice of swap
size.

Cheers, Phil.
-- 
|)|  Philip Hands [+44 (0)20 8530 9560]http://www.hands.com/
|-|  HANDS.COM Ltd.http://www.uk.debian.org/
|(|  10 Onslow Gardens, South Woodford, London  E18 1NE  ENGLAND


pgpD1Fd4xtry8.pgp
Description: PGP signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[John D. Hendrickson and Sara Darnell]

One last rc.d comment.  (noting I use a variety but try to stick with 
latest)


For 20 yrs. every time I try NFS during boot scripts, no matter which 
linux, I tend to get my linux frozen when nfs can't mount.


I have yet to see an NFS that offers file access in a suitable manner 
(ie, error checking, correct locking, roll-backs, etc), though I 
occasionally, sparingly, use it myself.


Why you all want to make it default for everyone even if the don't have 
nfs configured I have no idea !  It's sure to cause problems and isn't 
required by everyone.


Ok, you can now beat me with rusty spoons I'll try not to write anymore 
(this week)



johnandsara2@cox.netJohn D. Hendrickson and Sara Darnell wrote:

I've noticed I have to check /etc carefully.

Some rc.d scripts that packages install edit and or activate things in 
/etc (they make insertions into automatically actived scripts in /etc 
for ssh, ppp, perl, network (pre-ifupdown or what), exim, things or 
other possible phone home things).  While most or all are innoculous 
(some DO look suspect) I don't allow that on my box - I boot thin is 
why.  And whenever there is somethign I read it to see why I must run 
it.  Due to that I use some of my own init scripts which are slackware 
or potatoe scripts :)



Luca Capello wrote:

Hi there!

Disclaimer: this is my last post on this matter (i.e. the meaning of
RAMLOCK), it seems there is a problem with myself or my understanding.

On Tue, 12 Apr 2011 23:42:58 +0200, Roger Leigh wrote:

On Tue, Apr 12, 2011 at 10:35:37PM +0200, Luca Capello wrote:

On Tue, 12 Apr 2011 20:47:35 +0200, Roger Leigh wrote:

On Tue, Apr 12, 2011 at 08:12:21PM +0200, Luca Capello wrote:

Currently, `man rcS` gives:

RAMLOCK
Make /var/lock/ available as a ram file system (tmpfs).

[...]

Again, I found it changed: how can you define LOCK_SIZE if /run/lock is
on the same tmpfs than /run?

If you set RAMLOCK=yes, then /run/lock is a *separate* tmpfs
of size LOCK_SIZE, *exactly* like the /var/lock tmpfs mount
(it's the same code with s/var/run/g).  So the actual behaviour of this
option is entirely unchanged bar the switch from /var/lock to
/run/lock.

So by default, /run and /run/lock are on the same tmpfs.  But
if you set RAMLOCK=yes, you'll get a second tmpfs mounted on
/run/lock.  So yes, /run/lock will always be on a tmpfs filesystem,
that's obviously the main point of the patch.


Either I do not read `man rcS` as you read it or we do not understand
each other, so here the situation before and after your patch for /run
(/var/lock became useless, everything is in /run/lock now, but I kept
using /var/lock for consistency with the previous state):

[before] RAMLOCK=no  - /var/lock on the same filesystem /var is on
 RAMLOCK=yes - /var/lock on tmpfs
 [after] RAMLOCK=no  - /var/lock is on tmpfs, shared with /run (given
that /var/lock is symlinked/bind-mounted to
/run/lock)
 RAMLOCK=yes - /var/lock gets its own tmpfs, differently from
the one mounted at /run

So, the meaning of RAMLOCK, WRT `man rcS` and as I read it, *has*
changed.  This is where we do not agree on wordings, but given that
English is not my mother language, maybe it is only my fault.

Thx, bye,
Gismo / Luca






--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4da70144.9010...@cox.net

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Thu, Apr 14, 2011 at 02:13:57PM +0100, Philip Hands wrote:
 On Thu, 14 Apr 2011 10:15:07 +0100, Roger Leigh rle...@codelibre.net wrote:
  On Thu, Apr 14, 2011 at 10:44:08AM +0200, Bastien ROUCARIES wrote:
   On Thu, Apr 14, 2011 at 4:20 AM, Karl Goetz k...@kgoetz.id.au wrote:
On Wed, 13 Apr 2011 10:32:42 +0100
Roger Leigh rle...@codelibre.net wrote:
   
On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:
   
Following the discussion yesterday, I'd like to propose doing
something like the example below.  It's possible to size a tmpfs
as a percentage of core memory, the default being -o size=50%.
Rather than setting an absolute value, we can size e.g. /run
as a percentage of total memory, which should scale with /run
usage better than a fixed value.
   
Proposal:
[...]
/run/shm: No default (use general tmpfs default of 20%)
/tmp: No default (use general tmpfs default of 20%)
   
  If it wasn't already clear, having /tmp as a tmpfs is a
  /configurable option/, and it is /not/ the default (except when
  root is read-only (ro) in fstab).

[...]
 In short, I'm wondering why we don't just say that the default be to
 have a tmpfs /tmp, set to be about as big as we would have set it if it
 was on disk, and backed by enough extra swap to ensure that we're no
 more likely to run out of RAM, and allow people to switch it off if they
 don't like it, probably via a debconf question that modifies the choices
 that we make for partition and swap sizing during installs.

I would personally be quite happy in making a tmpfs /tmp the default.
I've used tmpfs /tmp on all my systems for many years, and never have
any problems.  Given that it would be quite controversial to introduce,
I didn't do that in this patch, but doing this for new installs would
be good.

One factor to consider is that by default we don't currently make
any guarantees about the size of /tmp.  If it's not a separate
filesystem, it's constrained by the size of the root filesystem,
which might be quite small.  So storing massive amounts of data
there is really not a good plan unless you've taken steps to
ensure there's enough free space there.

In my case, I have 16 GiB of swap space and have an 8 GiB limit
on my /tmp tmpfs.  Other people might mount a large partition there.
The general point I want to make is that if you want to store large
amounts of data on /tmp, you need to take steps to do that; we don't
support it by default.

In consequence, supporting a tmpfs on /tmp by default shouldn't be
particularly problematic, even if the size is small.  If you want
larger amounts of space then one can either increase the tmpfs size
(and possibly add more swap), or disable the tmpfs mount and mount a
separate partition there.

 The only problem I can see might be that things that munch their way
 through memory (earlier versions of iceweasel come to mind) will take
 much longer to bump into limits if we have too much swap, and so will
 cause machines to grind to a halt as they swap all the drivel they've
 filled memory with.  Not that having less swap made that much less
 painful -- more recent versions of iceweasel seem rather better though,
 so perhaps we should not pander to broken software in our choice of swap
 size.

We run into this issue with larger systems in general anyway--when you
have many gigabytes of memory, a process leaking memory will take much
longer to use up the available resources before being killed.  There's
not much we can realistically do about that (process resource limits
can partially mitigate this).  But in general, this is going to be an
issue whether the /tmp filesystem is backed by a disc partition or by
the VM.  So long as you have a sensible limit on the size of the tmpfs,
this isn't going to be more problematic than on a real filesystem in
terms of I/O load and safety.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: [Pkg-samba-maint] Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Stig Sandbeck Mathisen]

Roger Leigh rle...@codelibre.net writes:

 One reason for doing this is to have a single writable mount on the
 system, which might be useful for tiny systems with minimal resources,
 where root is r/o. On such a system, it might be useful to pool the
 limited writable space (which might not be a tmpfs).

Could this case be handled better by the fsprotect package?

-- 
Stig Sandbeck Mathisen s...@debian.org


pgpZY6Bxgti27.pgp
Description: PGP signature

Re: [Pkg-samba-maint] Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Wed, Apr 13, 2011 at 10:29:16AM +0200, Stig Sandbeck Mathisen wrote:
 Roger Leigh rle...@codelibre.net writes:
 
  One reason for doing this is to have a single writable mount on the
  system, which might be useful for tiny systems with minimal resources,
  where root is r/o. On such a system, it might be useful to pool the
  limited writable space (which might not be a tmpfs).
 
 Could this case be handled better by the fsprotect package?

It's a nice idea, but for a somewhat different purpose.  This is
overlaying the read-only root with a writable overlay.  Where I'd
like to get to is a purely read-only setup where nothing is writing
to e.g. /etc.  fsprotect could be considered to be working around
deficiencies with our current situation, where I would like to
fix the underlying problems making an aufs overlay necessary in the
first place.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:
 On Mon, Apr 11, 2011 at 08:01:42PM +0100, Roger Leigh wrote:
  With the transition to /run and /run/lock as tmpfs filesystems, it
  would be desirable to provide sensible default size limits.  Currently,
  we default to the tmpfs default of ½ RAM.  But with several tmpfs
  filesystems, this does have the potential for the system to be OOMed
  by a user filling up more than one of the filesystems.  A sensible
  default size limit would be useful here, for at least some of the
  filesystems.
  
  We currently allow specification of size limits for:
  /run (RUN_SIZE)
  /run/lock (LOCK_SIZE, optional)
  /dev/shm (SHM_SIZE)
  /tmp (TMP_SIZE, optional)
  
  [from temporary git repo at 
  http://git.debian.org/?p=collab-maint/sysvinit;a=summary]
  
  In order to default to a sensible size, I would appreciate it if I
  could have some figures for the useage of these filesystems: e.g.
  
  % sudo du -sk /var/run /var/lock /dev/shm
 
 OK, some results:
 
 /var/run  /var/lock  /dev/shm
 Min9 0 0
 5% percentile 60 0 0
 Mean 886 9   599
 Median   120 8 0
 95% percentile   61217   310
 Max4769652 80744

Following the discussion yesterday, I'd like to propose doing
something like the example below.  It's possible to size a tmpfs
as a percentage of core memory, the default being -o size=50%.
Rather than setting an absolute value, we can size e.g. /run
as a percentage of total memory, which should scale with /run
usage better than a fixed value.

Proposal:
Switch the default for all tmpfs mounts from 50% to 20%; it's
still very large, but you have to mount many more to be able to
break your system.
/run: Use 10% core.  This gives 102MiB on 1GiB system; the largest
observed user used 50MiB.  Even a system with 512MiB would not have
hit the observed maximum, and that was a very large system with
presumably more memory than this.
/run/lock and /lib/init/rw: 5MiB each.  More than plenty, but far
less than current usage.
/run/shm: No default (use general tmpfs default of 20%)
/tmp: No default (use general tmpfs default of 20%)


Regards,
Roger


---
[/etc/default/tmpfs]

# Defaults for tmpfs filesystems mounted in early boot, before
# filesystems from /etc/fstab are mounted.
#
# _SIZE variables are the maximum size (in bytes) that tmpfs
# filesystems can use.  The size will be rounded down to a multiple of
# the page size, 4096 bytes.  If no size is set, TMPFS_SIZE will be
# used as the default.  _MODE variables are the initial access
# permissions for the root of the tmpfs mount.  If no mode is set,
# TMPFS_MODE will be used as the default.

# TMPFS_SIZE: maximum size for all tmpfs filesystems if no specific
# size is provided.  If no value is provided here, the kernel default
# will be used.
TMPFS_SIZE=20%
TMPFS_MODE=755

# RUN_SIZE: maximum size of /run (/var/run)
#
# Defaults to 10% core memory; the size required varies widely
# depending upon the demands of the software being run; this heuristic
# scales /run usage on system size.  Samba in particular has been seen
# to use at least 50MiB in a large heavily used server.  Typical usage
# is hundreds of KiB, maximum is tens of MiB.
RUN_SIZE=10%
RUN_MODE=755

# LOCK_SIZE: maximum size of /run/lock (/var/lock)
#
# Typical usage: tens of KiB; maximum hundreds of KiB.  Default of
# 5MiB should ensure the limit is never reached.
LOCK_SIZE=5242880 # 5MiB
LOCK_MODE=1777

# SHM_SIZE: maximum size of /run/shm (/dev/shm)
#
# No default size; the size required varies widely depending upon the
# demands of the software being run.
SHM_SIZE=
SHM_MODE=1777

# TMP_SIZE: maximum size of /tmp
#
# No default size.
TMP_SIZE=
TMP_MODE=1777

# RW_SIZE: maximum size of /lib/init/rw
#
# Note /lib/init/rw is deprecated and programs using is are migrating
# to use /run.  It will be removed once all users have migrated to
# /run.
# Typical usage: tens of KiB.  Default of 5MiB should ensure the limit
# is never reached.
RW_SIZE=5242880 # 5 MiB
RW_MODE=755


-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Thomas Hood]

First of all, thanks to Roger Leigh for leading this effort.

Roger Leigh wrote:
 Proposal:
 Switch the default for all tmpfs mounts from 50% to 20%; it's
 still very large, but you have to mount many more to be able to
 break your system.


He should have said ... but you have to mount *and fill* many more
to be able to break your system.

The current tmpfs size of 50% suffices to protect the system should
any *one* tmpfs be completely filled by a wayward process.  Is that
not good enough?  I.e., do we really need to worry about the case
where multiple tmpfses get filled simultaneously?

Does it matter whether the system fails due to filesystem full or
due to OOM?  Broken is broken.

If we do need to worry about that case then the real solution is
not arbitrarily to increase the number-of-tmpfses-to-fill-up-in-
order-to-break-the-system from 2 to 5.  One real solution is to
limit the total amount of memory that all tmpfses can take up to
some value less than 100%.  Another is to look more closely at which
tmpfses could reasonably be attacked and limit the sum of *their*
sizes to something less than 100%.
-- 
Thomas


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4da576b3.7010...@gmail.com

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Philip Hands]

On Tue, 12 Apr 2011 13:51:09 +0200, Michael Biebl bi...@debian.org wrote:
 Am 12.04.2011 13:38, schrieb Roger Leigh:
 
  this for /var/lock (/run/lock), which can be mounted as a separate
  tmpfs on /run/lock if RAMLOCK is set in /etc/defaults/rcS.  We could
  also do the same for /dev/shm (/run/shm) and /tmp (/run/tmp) as well.
  In the case of /tmp this would not be the default except when root is
  read-only.
 
 I don't think symlinking /tmp to /run would be a good idea, as one could fill 
 up
 /tmp (accidentaly)  pretty quick.
 If we want to make / ro, then a separate tmpfs for /tmp looks like a better 
 idea
 to me.

While were about this, for installs where the users select multiple
partitions we currently create a separate /tmp partition.

This strikes me as suboptimal, since one could use the disk space
allocated to /tmp as extra swap and then allocate a tmpfs of that size
to be mounted on /tmp with no effect other than allowing the system to
have access to more swap than it would have otherwise had (of course,
that's probably more than it needs, so instead you could just save some
disk space that would otherwise be left generally unused by overloading
the swap usage with /tmp usage.

Therefore, in the multi-partition setup, I think we should also default
to having /tmp on tmpfs.

Cheers, Phil.
-- 
|)|  Philip Hands [+44 (0)20 8530 9560]http://www.hands.com/
|-|  HANDS.COM Ltd.http://www.uk.debian.org/
|(|  10 Onslow Gardens, South Woodford, London  E18 1NE  ENGLAND


pgpsRy7739Pbe.pgp
Description: PGP signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Bastian Blank]

On Tue, Apr 12, 2011 at 09:30:53PM +0200, Jan Hauke Rahm wrote:
 On Tue, Apr 12, 2011 at 08:21:25PM +0100, Roger Leigh wrote:
  I know little about vservers.  How do they currently deal with
  /dev/shm and /lib/init/rw?
 Interesting question. Actually, in my setup, I don't see /dev/shm at
 all and /lib/init/rw is a regular directory.

They don't. / is writable.

Bastian

-- 
Insufficient facts always invite danger.
-- Spock, Space Seed, stardate 3141.9


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110413111310.ga29...@wavehammer.waldi.eu.org

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Adam Borowski]

On Wed, Apr 13, 2011 at 10:51:50AM +0100, Philip Hands wrote:
 On Tue, 12 Apr 2011 13:51:09 +0200, Michael Biebl bi...@debian.org wrote:
  I don't think symlinking /tmp to /run would be a good idea, as one could 
  fill up
  /tmp (accidentaly)  pretty quick.
  If we want to make / ro, then a separate tmpfs for /tmp looks like a better 
  idea
  to me.
 
 While were about this, for installs where the users select multiple
 partitions we currently create a separate /tmp partition.
 
 This strikes me as suboptimal, since one could use the disk space
 allocated to /tmp as extra swap and then allocate a tmpfs of that size
 to be mounted on /tmp with no effect other than allowing the system to
 have access to more swap than it would have otherwise had (of course,
 that's probably more than it needs, so instead you could just save some
 disk space that would otherwise be left generally unused by overloading
 the swap usage with /tmp usage.
 
 Therefore, in the multi-partition setup, I think we should also default
 to having /tmp on tmpfs.

Sounds like a great idea.  I'd extend it to any setups with a swap.

Tmpfs is a lot faster than regular filesystems: it doesn't have to care
about preserving the data's integrity after a crash and thus has no
barriers, journaling, fsync().  When there's plenty of unused memory, the
data will not ever touch the disk, too -- gracefully getting written out
when there is a better use for memory it takes.  Since most files in /tmp/
are very short lived, it's a good optimization.

-- 
1KB // Microsoft corollary to Hanlon's razor:
//  Never attribute to stupidity what can be
//  adequately explained by malice.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Bernhard R. Link]

* Philip Hands p...@hands.com [110413 12:54]:
 This strikes me as suboptimal, since one could use the disk space
 allocated to /tmp as extra swap and then allocate a tmpfs of that size
 to be mounted on /tmp with no effect other than allowing the system to
 have access to more swap than it would have otherwise had (of course,
 that's probably more than it needs, so instead you could just save some
 disk space that would otherwise be left generally unused by overloading
 the swap usage with /tmp usage.

 Therefore, in the multi-partition setup, I think we should also default
 to having /tmp on tmpfs.

This has both the disadvantage of a system then having swap (given the
big memory sizes one currently has and the big difference between RAM
and disk access times, having swap is often quite a disadvantage) and
of mixing several different things (/tmp is usually something simply
filling over time, so without low enough limits one risks that something
important is sometime not working because of missing RAM).

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/20110413113412.ga3...@pcpool00.mathematik.uni-freiburg.de

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Ben Hutchings]

On Wed, 2011-04-13 at 13:34 +0200, Bernhard R. Link wrote:
 * Philip Hands p...@hands.com [110413 12:54]:
  This strikes me as suboptimal, since one could use the disk space
  allocated to /tmp as extra swap and then allocate a tmpfs of that size
  to be mounted on /tmp with no effect other than allowing the system to
  have access to more swap than it would have otherwise had (of course,
  that's probably more than it needs, so instead you could just save some
  disk space that would otherwise be left generally unused by overloading
  the swap usage with /tmp usage.
 
  Therefore, in the multi-partition setup, I think we should also default
  to having /tmp on tmpfs.
 
 This has both the disadvantage of a system then having swap (given the
 big memory sizes one currently has and the big difference between RAM
 and disk access times, having swap is often quite a disadvantage)
[...]

Under Linux, swap space is a requirement to defragment RAM.  (This may
change in the future.)  Without swap space, the kernel eventually
becomes unable to make large physically-contiguous allocations.  Don't
turn it off.

Ben.

-- 
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.


signature.asc
Description: This is a digitally signed message part

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Philip Hands]

On Wed, 13 Apr 2011 13:34:13 +0200, Bernhard R. Link brl...@debian.org 
wrote:
 * Philip Hands p...@hands.com [110413 12:54]:
  This strikes me as suboptimal, since one could use the disk space
  allocated to /tmp as extra swap and then allocate a tmpfs of that size
  to be mounted on /tmp with no effect other than allowing the system to
  have access to more swap than it would have otherwise had (of course,
  that's probably more than it needs, so instead you could just save some
  disk space that would otherwise be left generally unused by overloading
  the swap usage with /tmp usage.
 
  Therefore, in the multi-partition setup, I think we should also default
  to having /tmp on tmpfs.
 
 This has both the disadvantage of a system then having swap (given the
 big memory sizes one currently has and the big difference between RAM
 and disk access times, having swap is often quite a disadvantage) and

Are you suggesting that a system that has enough RAM to not need swap
will become slower if you enable swap but don't use it?

If not, then either the files in /tmp will sit in RAM and therefore be a
lot faster, or if they need to go to disk, will have been staged via
swap, which may well allow a lot of small writes to small files to be
coalesced into larger swap writes, although I'm not familiar enough with
that to compare the amount of disk activity provoked by writing a lot of
small files onto an ext3 file system vs. taking the most elderly data
From a tmpfs and deciding to swap it out.

I can imagine that, for instance, removing a large file from /tmp when
on a file system might well require several writes, whereas it seems
possible that doing the same for a swapped out tmpfs might be a case of
simply recording that the blocks are ready for reuse.  On the other
hand, it may be that one needs to read in each and every block in order
to mark it ad being deleted, but I would hope that's not the way it works.

 of mixing several different things (/tmp is usually something simply
 filling over time,

Really?  Checking a couple of servers at random, one that's been running
for about 8 months but is fairly tightly locked down, has 8Kb used, and
another that's got rather more random stuff running on it, it has 17Mb
in /tmp, and that turns out to be debris laying around after a process
that does OCR on postfix files while scanning for SPAM -- so that's
actually a bug by the looks of it.

Even on servers where it is the case that /tmp grows over time, it
strikes me that tmpfs gives the system a much better chance to make
sensible decisions about when to write data out to disk.

On a mounted file system the system will attempt to ensure that the data
gets out to disk in a reasonably timely manner, since it's trying to
ensure that it's not lost in the event of a crash -- in that case of
/tmp, any effort to keep the normal file-system promise of post-crash
integrity is wasted effort, since we're going to throw the data away
anyway.

With tmpfs on the other hand, the data will never hit the disk if there
is enough RAM, and if there is a need to write it out, it'll generally
write the oldest data out first, so the portions of the tmpfs that are
being used for short-lived files will generally not be written before
those files are deleted again, so that they never need to be written at
all.

 so without low enough limits one risks that something
 important is sometime not working because of missing RAM).

If you'd read what I wrote, I suggested that a reasonable start would be
to allocate the /tmp filesystem space as swap, and then limit /tmp to
that size -- even if you then fill /tmp it cannot exceed the extra size
that you allocated to swap by giving it the disk that you'd otherwise be
using for /tmp as a file system.

Admittedly, I think that using the amount the we currently allocate to
/tmp for swap would be a waste, but it's a reasonable starting point.

In fact, it wouldn't surprise me if the act of mounting an additional
filesystem consumes more memory than a tmpfs with 8kb of files on it, so
for the first server mentioned above I may well be consuming less RAM
than I would be mounting an empty /tmp from the disk.

Cheers, Phil.
-- 
|)|  Philip Hands [+44 (0)20 8530 9560]http://www.hands.com/
|-|  HANDS.COM Ltd.http://www.uk.debian.org/
|(|  10 Onslow Gardens, South Woodford, London  E18 1NE  ENGLAND


pgpiEojmazFuq.pgp
Description: PGP signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[David Goodenough]

On Wednesday 13 April 2011, Ben Hutchings wrote:
 On Wed, 2011-04-13 at 13:34 +0200, Bernhard R. Link wrote:
  * Philip Hands p...@hands.com [110413 12:54]:
   This strikes me as suboptimal, since one could use the disk space
   allocated to /tmp as extra swap and then allocate a tmpfs of that size
   to be mounted on /tmp with no effect other than allowing the system to
   have access to more swap than it would have otherwise had (of course,
   that's probably more than it needs, so instead you could just save some
   disk space that would otherwise be left generally unused by overloading
   the swap usage with /tmp usage.
   
   Therefore, in the multi-partition setup, I think we should also default
   to having /tmp on tmpfs.
  
  This has both the disadvantage of a system then having swap (given the
  big memory sizes one currently has and the big difference between RAM
  and disk access times, having swap is often quite a disadvantage)
 
 [...]
 
 Under Linux, swap space is a requirement to defragment RAM.  (This may
 change in the future.)  Without swap space, the kernel eventually
 becomes unable to make large physically-contiguous allocations.  Don't
 turn it off.
 
 Ben.
I am surprised at this.  I have several boxes which are small single board
computers with solid state disks (MIDE or CF), so as I did not need swap 
space (the running set is fixed and the memory requirement was within
the total available memory, I did not define any swap space.  A few days
ago I needed to move one of the boxes I noted its uptime at 594 days just
before I switched it off.  I grant you that it has 256MB of memory, and 
120MB is currently free, but I have not noticed any problems growing over
the time it was up.  Maybe it just did not need to make any large physically
contiguous allocations.

BTW, /var/run is currently occupying a grand total of 27KB if that is relevant
to the subject of this thread.

David


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/201104131544.37402.david.goodeno...@btconnect.com

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Philipp Kern]

On 2011-04-13, David Goodenough david.goodeno...@btconnect.com wrote:
 I am surprised at this.  I have several boxes which are small single board
 computers with solid state disks (MIDE or CF), so as I did not need swap 
 space (the running set is fixed and the memory requirement was within
 the total available memory, I did not define any swap space.  A few days
 ago I needed to move one of the boxes I noted its uptime at 594 days just
 before I switched it off.  I grant you that it has 256MB of memory, and 
 120MB is currently free, but I have not noticed any problems growing over
 the time it was up.  Maybe it just did not need to make any large physically
 contiguous allocations.

Given that Linux does paging, you normally don't need large physically
contiguous allocations.  I think the exceptions are mainly I/O regions for
DMA.  And you're probably not using that heavily on such a machine.

Kind regards
Philipp Kern


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/slrniqbfk4.rnn.tr...@kelgar.0x539.de

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Bernhard R. Link]

* Philip Hands p...@hands.com [110413 15:51]:
 Are you suggesting that a system that has enough RAM to not need swap
 will become slower if you enable swap but don't use it?

If you don't use it it will hopefully make not much big difference.
The difference is if it gets used. If some program goes harvoc and
allocates to much stuff without swap it will most of the time simply
get killed. With swap it will first make the computer unuseably slow
for some time before it finally gets killed.

  of mixing several different things (/tmp is usually something simply
  filling over time,

 Really?  Checking a couple of servers at random, one that's been running
 for about 8 months but is fairly tightly locked down, has 8Kb used,

Servers of course usually have not that much (unless they are
terminal/login servers). The big /tmp stuff are usually user programs and
lab computers and other machines with many different users loging in are usually
multi-partition.

Some lab computers:
/dev/sda7 6,5G  164M  6,0G   3% /tmp
/dev/sda7 6,5G  157M  6,0G   3% /tmp
/dev/sda7 6,5G  148M  6,0G   3% /tmp
/dev/sda7 6,5G  145M  6,0G   3% /tmp
/dev/sda7 6,5G  205M  5,9G   4% /tmp
/dev/sda7 6,5G  321M  5,8G   6% /tmp
/dev/sda7 6,5G  148M  6,0G   3% /tmp
/dev/sda7 6,5G  225M  5,9G   4% /tmp
/dev/sda7 6,5G  2,8G  3,4G  46% /tmp
/dev/sda7 6,5G  152M  6,0G   3% /tmp
/dev/sda7 6,5G  152M  6,0G   3% /tmp
/dev/sda7 6,5G  150M  6,0G   3% /tmp
/dev/sda7 6.5G  162M  6.0G   3% /tmp

A login server:
/dev/vda4  21G  173M   18G   1% /tmp

A login server from another institute:
/dev/hda5 9,9G  1,2G  8,2G  13% /tmp

 If you'd read what I wrote, I suggested that a reasonable start would be
 to allocate the /tmp filesystem space as swap, and then limit /tmp to
 that size -- even if you then fill /tmp it cannot exceed the extra size
 that you allocated to swap by giving it the disk that you'd otherwise be
 using for /tmp as a file system.

And how do you make sure those metrics are correct if that is enabled
as default in the installer?

 In fact, it wouldn't surprise me if the act of mounting an additional
 filesystem consumes more memory than a tmpfs with 8kb of files on it, so
 for the first server mentioned above I may well be consuming less RAM
 than I would be mounting an empty /tmp from the disk.

RAM is nowadays for most uses usually there in abundancy. It's not that
it is scarce. The problems are faulty programs trying to get as much as
they can. If things grow unlimited there will always hit the limit.
And having different limits usually makes things more easy to control.

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/20110413152716.ga5...@pcpool00.mathematik.uni-freiburg.de

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Thomas Hood]

I just realized that I misunderstood Roger Leigh's posting and so
my previous message was mostly superfluous.  My apologies.

1. His statement but you have to mount many more to be able to
break your system was correct (and can be made more explicit by
adding ... by filling them all).

2. His proposal *was* to reduce the size of all tmpfses (together)
to 50%, as follows:

/run 10%
/run/shm 20%
/tmp 20%
/run/lock, /lib/init/rw  very small

What remains of my previous message are my two questions:

1. Is OOM importantly worse than a full system tmpfs?  I think so
too, but

2. Even if so, do we have to worry about OOM happening because
*multiple* tmpfses got filled?  We are already safe from OOM if
one tmpfs (whose size is 50% of memory) gets filled.
-- 
Thomas


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4da5bf6e.9090...@gmail.com

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Ben Hutchings]

On Wed, Apr 13, 2011 at 03:17:24PM +, Philipp Kern wrote:
 On 2011-04-13, David Goodenough david.goodeno...@btconnect.com wrote:
  I am surprised at this.  I have several boxes which are small single board
  computers with solid state disks (MIDE or CF), so as I did not need swap 
  space (the running set is fixed and the memory requirement was within
  the total available memory, I did not define any swap space.  A few days
  ago I needed to move one of the boxes I noted its uptime at 594 days just
  before I switched it off.  I grant you that it has 256MB of memory, and 
  120MB is currently free, but I have not noticed any problems growing over
  the time it was up.  Maybe it just did not need to make any large physically
  contiguous allocations.
 
 Given that Linux does paging, you normally don't need large physically
 contiguous allocations.  I think the exceptions are mainly I/O regions for
 DMA.

Heap allocations also have to be contiguous.  And every thread needs a
kernel stack which is at least 2 contiguous pages on most architectures.

 And you're probably not using that heavily on such a machine.
 
Evidently.

Ben.

-- 
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
  - Albert Camus


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110413160825.gi2...@decadent.org.uk

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[David Goodenough]

On Wednesday 13 April 2011, Ben Hutchings wrote:
 On Wed, Apr 13, 2011 at 03:17:24PM +, Philipp Kern wrote:
  On 2011-04-13, David Goodenough david.goodeno...@btconnect.com wrote:
   I am surprised at this.  I have several boxes which are small single
   board computers with solid state disks (MIDE or CF), so as I did not
   need swap space (the running set is fixed and the memory requirement
   was within the total available memory, I did not define any swap
   space.  A few days ago I needed to move one of the boxes I noted its
   uptime at 594 days just before I switched it off.  I grant you that it
   has 256MB of memory, and 120MB is currently free, but I have not
   noticed any problems growing over the time it was up.  Maybe it just
   did not need to make any large physically contiguous allocations.
  
  Given that Linux does paging, you normally don't need large physically
  contiguous allocations.  I think the exceptions are mainly I/O regions
  for DMA.
 
 Heap allocations also have to be contiguous.  And every thread needs a
 kernel stack which is at least 2 contiguous pages on most architectures.
 
  And you're probably not using that heavily on such a machine.
Its acting as a network router.  So presumably once everything is 
allocated, it keeps reusing them.

David
 
 Evidently.
 
 Ben.


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/201104131720.18057.david.goodeno...@btconnect.com

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Wed, Apr 13, 2011 at 05:21:18PM +0200, Thomas Hood wrote:
 I just realized that I misunderstood Roger Leigh's posting and so
 my previous message was mostly superfluous.  My apologies.
 
 1. His statement but you have to mount many more to be able to
 break your system was correct (and can be made more explicit by
 adding ... by filling them all).

Yes, I did word it poorly, I'm afraid.

 2. His proposal *was* to reduce the size of all tmpfses (together)
 to 50%, as follows:
 
 /run 10%
 /run/shm 20%
 /tmp 20%
 /run/lock, /lib/init/rw  very small

I should admit that the 50% here is more by coincidence than intent,
but the general idea is that it's restricted overall to a sensible
amount.  Given that tmpfs on /tmp is optional and disabled by default,
it would be 30% + 10MiB for the last two.

What I should have stated more clearly in my earlier messages about
the limits is that we now have the flexibility to choose exactly
how to manage the space.  We can have a single large tmpfs (less
flexible and can be filled up by users, but there's much less
chance of a single part running out of space cf multiple mounts)
or we can have a collection of separate tmpfs mounts with different
size limits (less chance of a user filling a system-only part, but
an increased possibility of a single mount filling up).  Or we can
choose something in between those two extremes.  For the defaults,
I'd like something which will work in all cases, and which can be
easily tweaked for special/non-standard uses.

If we have a single shared tmpfs, 50% core is eminently sensible,
providing you have some swap to back it.  If we have multiple
tmpfs mounts, we do want to consider restricting it further.

The 10% and 20% figures are fairly arbitrary (the 10% comes from the
max. samba usage seen with a big margin added to it; it's still
three orders of magnitude bigger than the average usage of /run).
The 20% is a bit more fuzzy; it's smaller than the 50% default, but
still large enough that the chance of using it all is extremely
remote.  I'm quite happy to adjust these values if needed.

 What remains of my previous message are my two questions:
 
 1. Is OOM importantly worse than a full system tmpfs?  I think so
 too, but

They are both undesirable.  OOM is worse because it's potentially
unrecoverable (the OOM killer can't kill a process to reclaim
space on tmpfs [with the exception of POSIX SHM, but I don't think
the kernel knows about that--it's purely a userspace implementation],
so you can lock up the whole machine).  But equally we don't want to
allow users to interfere with system processes by denying them the
resources they need (e.g. not being able to create a lockfile/pidfile);
but in this situation, it is rather easier to recover since we can
just delete the offending files to free up some space.

[It would be nice if tmpfs offered a superuser-only allocation of
e.g. 5% like ext does, which would go a long way to mitigate
user DoS.]

 2. Even if so, do we have to worry about OOM happening because
 *multiple* tmpfses got filled?  We are already safe from OOM if
 one tmpfs (whose size is 50% of memory) gets filled.

This is really down to the limits we have set on them.  If we have
sensible limits, even far too large for what we expect to be
typical usage, we're safe from OOM.  With no limit (or more accurately
the default kernel limit), as used at present, adding multiple tmpfs
mounts does make this more likely.  The proposed default values are
intended to satisfy these requirements, but they may well not be
optimal, and I'll be happy to adjust them as needed.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Karl Goetz]

On Wed, 13 Apr 2011 10:32:42 +0100
Roger Leigh rle...@codelibre.net wrote:

 On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:

 Following the discussion yesterday, I'd like to propose doing
 something like the example below.  It's possible to size a tmpfs
 as a percentage of core memory, the default being -o size=50%.
 Rather than setting an absolute value, we can size e.g. /run
 as a percentage of total memory, which should scale with /run
 usage better than a fixed value.
 
 Proposal:
[...]
 /run/shm: No default (use general tmpfs default of 20%)
 /tmp: No default (use general tmpfs default of 20%)

20% doesn't seem like a lot for /tmp when people try and compile
something. While its not something most people end up doing, it does
seem odd to make people change their tempfs size before they can start
building packages for debian/themselves.
just a thought,
kk

-- 
Karl Goetz, (Kamping_Kaiser / VK5FOSS)
Debian contributor / gNewSense Maintainer
http://www.kgoetz.id.au
No, I won't join your social networking group


signature.asc
Description: PGP signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Mon, Apr 11, 2011 at 08:01:42PM +0100, Roger Leigh wrote:
 With the transition to /run and /run/lock as tmpfs filesystems, it
 would be desirable to provide sensible default size limits.  Currently,
 we default to the tmpfs default of ½ RAM.  But with several tmpfs
 filesystems, this does have the potential for the system to be OOMed
 by a user filling up more than one of the filesystems.  A sensible
 default size limit would be useful here, for at least some of the
 filesystems.
 
 We currently allow specification of size limits for:
 /run (RUN_SIZE)
 /run/lock (LOCK_SIZE, optional)
 /dev/shm (SHM_SIZE)
 /tmp (TMP_SIZE, optional)
 
 [from temporary git repo at 
 http://git.debian.org/?p=collab-maint/sysvinit;a=summary]
 
 In order to default to a sensible size, I would appreciate it if I
 could have some figures for the useage of these filesystems: e.g.
 
 % sudo du -sk /var/run /var/lock /dev/shm

OK, some results:

/var/run  /var/lock  /dev/shm
Min9 0 0
5% percentile 60 0 0
Mean 886 9   599
Median   120 8 0
95% percentile   61217   310
Max4769652 80744

I was going to do this separately for different types of system
(desktop, server, etc.), but there really wasn't much difference
except for a few outliers.

/var/run: Most systems use just 1-200 KiB.  A few use a lot (tens of
MiB).  The large users appear to be Samba, which creates a number of
.tdb files under /var/run in addition to pidfiles; presumably on
very busy systems, these can grow to be quite large.  I guess they
are transient state, but is /var/run the appropriate place for them?
If so, we need to take this into account.
One system had a  1MiB /var/run/samba/namelist.debug file, which
could possibly have been put elsewhere.  wins.tdb, connections.tdb
and locking.tdb in particular look like they can potentially grow
very large; would keeping these on /var and deleting them on server
restart be more appropriate than using /run?
utmp could also potentially grow to several MiB.

Without taking Samba into consideration, 10MiB would be more than
plenty for all but the most extreme uses.  Allowing for Samba, we need
at least 30MiB, and potentially 50MiB for a good safety margin.  Any
comments from the Samba maintainers?

/var/lock: Tiny usage under all circumstances.  One MiB would be
more than plenty.

/tmp, /dev/shm: Can vary massively depending on what's using it; we
can't set a sensible default at all.

Josh Triplett suggested that we could use a single tmpfs on /run and
have the rest as symlinks into /run, with potentially a separate
tmpfs for user-writable filesystems to prevent a user DoS.  This idea
does have merit, and we could make it the default.  We currently do
this for /var/lock (/run/lock), which can be mounted as a separate
tmpfs on /run/lock if RAMLOCK is set in /etc/defaults/rcS.  We could
also do the same for /dev/shm (/run/shm) and /tmp (/run/tmp) as well.
In the case of /tmp this would not be the default except when root is
read-only.  This would mean we don't have to choose a default size for
each filesystem separately.  But the sysadmin would have the ability to
enable it should they choose.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:
 On Mon, Apr 11, 2011 at 08:01:42PM +0100, Roger Leigh wrote:
  With the transition to /run and /run/lock as tmpfs filesystems, it
  would be desirable to provide sensible default size limits.  Currently,
  we default to the tmpfs default of ½ RAM.  But with several tmpfs
  filesystems, this does have the potential for the system to be OOMed
  by a user filling up more than one of the filesystems.  A sensible
  default size limit would be useful here, for at least some of the
  filesystems.
  
  We currently allow specification of size limits for:
  /run (RUN_SIZE)
  /run/lock (LOCK_SIZE, optional)
  /dev/shm (SHM_SIZE)
  /tmp (TMP_SIZE, optional)
  
  [from temporary git repo at 
  http://git.debian.org/?p=collab-maint/sysvinit;a=summary]
  
  In order to default to a sensible size, I would appreciate it if I
  could have some figures for the useage of these filesystems: e.g.
  
  % sudo du -sk /var/run /var/lock /dev/shm
 
 OK, some results:
 
 /var/run  /var/lock  /dev/shm
 Min9 0 0
 5% percentile 60 0 0
 Mean 886 9   599
 Median   120 8 0
 95% percentile   61217   310
 Max4769652 80744

Forgot to mention, this is based on a sample set of 156 separate
systems.  Many thanks to everyone who mailed me with the stats!


-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Michael Biebl]

Am 12.04.2011 13:38, schrieb Roger Leigh:

 this for /var/lock (/run/lock), which can be mounted as a separate
 tmpfs on /run/lock if RAMLOCK is set in /etc/defaults/rcS.  We could
 also do the same for /dev/shm (/run/shm) and /tmp (/run/tmp) as well.
 In the case of /tmp this would not be the default except when root is
 read-only.

I don't think symlinking /tmp to /run would be a good idea, as one could fill up
/tmp (accidentaly)  pretty quick.
If we want to make / ro, then a separate tmpfs for /tmp looks like a better idea
to me.

Cheers,
Michael
-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Adam Borowski]

On Mon, Apr 11, 2011 at 08:01:42PM +0100, Roger Leigh wrote:
 With the transition to /run and /run/lock as tmpfs filesystems, it
 would be desirable to provide sensible default size limits.  Currently,
 we default to the tmpfs default of ½ RAM.  But with several tmpfs
 filesystems, this does have the potential for the system to be OOMed
 by a user filling up more than one of the filesystems.  A sensible
 default size limit would be useful here, for at least some of the
 filesystems.

What about 5% of RAM + 20% of swap?  Perhaps even just 5% of (RAM + swap).
Unused space doesn't cost you anything, and when there's swap available,
tmpfs is strictly better than any real filesystem could possibly be.

Unlike a fixed limit, a ratio would both prevent a runaway daemon from
OOMing the system and ensure non-embedded systems have plenty of space.

Ie, that 50MB of samba files would fit comfortably on any system that's not
starved for memory.  Samba typically means a file server -- ie, often very
little physical RAM but plenty of disk space.

A static number would be either too big on a smartphone or too small on
regular machines.

-- 
1KB // Microsoft corollary to Hanlon's razor:
//  Never attribute to stupidity what can be
//  adequately explained by malice.


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110412120446.ga2...@angband.pl

Re: [Pkg-samba-maint] Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Steve Langasek]

On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:
 On Mon, Apr 11, 2011 at 08:01:42PM +0100, Roger Leigh wrote:
  With the transition to /run and /run/lock as tmpfs filesystems, it
  would be desirable to provide sensible default size limits.  Currently,
  we default to the tmpfs default of ½ RAM.  But with several tmpfs
  filesystems, this does have the potential for the system to be OOMed
  by a user filling up more than one of the filesystems.  A sensible
  default size limit would be useful here, for at least some of the
  filesystems.

  We currently allow specification of size limits for:
  /run (RUN_SIZE)
  /run/lock (LOCK_SIZE, optional)
  /dev/shm (SHM_SIZE)
  /tmp (TMP_SIZE, optional)

  [from temporary git repo at 
  http://git.debian.org/?p=collab-maint/sysvinit;a=summary]

  In order to default to a sensible size, I would appreciate it if I
  could have some figures for the useage of these filesystems: e.g.

  % sudo du -sk /var/run /var/lock /dev/shm

 /var/run: Most systems use just 1-200 KiB.  A few use a lot (tens of
 MiB).  The large users appear to be Samba, which creates a number of
 .tdb files under /var/run in addition to pidfiles; presumably on
 very busy systems, these can grow to be quite large.  I guess they
 are transient state, but is /var/run the appropriate place for them?

Yes, it is, per the FHS.

 If so, we need to take this into account.
 One system had a  1MiB /var/run/samba/namelist.debug file, which
 could possibly have been put elsewhere.

It fits the FHS definition for /var/run.  It doesn't belong elsewhere.

  wins.tdb, connections.tdb and locking.tdb in particular look like they
 can potentially grow very large; would keeping these on /var and deleting
 them on server restart be more appropriate than using /run?  utmp could
 also potentially grow to several MiB.

Keep them *where* on /var?  They're already exactly where the FHS says they
should be.  The server will null them out on startup, which is precisely the
sort of file that's *meant to be stored in /var/run*.

 Without taking Samba into consideration, 10MiB would be more than
 plenty for all but the most extreme uses.  Allowing for Samba, we need
 at least 30MiB, and potentially 50MiB for a good safety margin.  Any
 comments from the Samba maintainers?

I would like to know what real-world problem you're trying to solve by
limiting the size of these filesystems.  Have you had actual reports of
users running into trouble with the current half-of-RAM default filling up?
I've never heard such a thing.  This is a root-only filesystem, so if the
user has a service that wants that much space for temp files, why impose
additional limits?  If the problem is that multiple tmpfs are mounted and
each can expand to half-of-RAM, either reduce the number of tmpfses
presented (as discussed), or limit the *whole* allocation for known mount
points to half-of-RAM and partition appropriately, or both.  But imposing
stricter limits than necessary based on survey data is just wrong.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developerhttp://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110412144454.gc9...@virgil.dodds.net

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Luca Capello]

Hi there!

On Tue, 12 Apr 2011 13:38:03 +0200, Roger Leigh wrote:
 Josh Triplett suggested that we could use a single tmpfs on /run and
 have the rest as symlinks into /run, with potentially a separate
 tmpfs for user-writable filesystems to prevent a user DoS.  This idea
 does have merit, and we could make it the default.  We currently do
 this for /var/lock (/run/lock), which can be mounted as a separate
 tmpfs on /run/lock if RAMLOCK is set in /etc/defaults/rcS.

Do you mean that the meaning of RAMLOCK has completely changed?
Currently, `man rcS` gives:

RAMLOCK
Make /var/lock/ available as a ram file system (tmpfs).
Will also  disable cleaning of /var/lock/  during boot.
Set to 'yes'  to enable, to 'no' to  disable.  The size
of  the tmpfs  can be  controlled using  TMPFS_SIZE and
LOCK_SIZE  in  /etc/default/tmpfs.   Because  of  this,
packages  can not  expect directories  in /var/lock  to
exist after  boot.  Packages  expecting this  are buggy
and need to be fixed.

I consider completely changing it a serious bug, may I suggest
deprecating it completely and adding a new variable instead?  I guess
the same should be applied to RAMRUN, i.e. simply deprecate it.

Thx, bye,
Gismo / Luca


pgp1Sal8WK3tP.pgp
Description: PGP signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Tue, Apr 12, 2011 at 08:12:21PM +0200, Luca Capello wrote:
 Hi there!
 
 On Tue, 12 Apr 2011 13:38:03 +0200, Roger Leigh wrote:
  Josh Triplett suggested that we could use a single tmpfs on /run and
  have the rest as symlinks into /run, with potentially a separate
  tmpfs for user-writable filesystems to prevent a user DoS.  This idea
  does have merit, and we could make it the default.  We currently do
  this for /var/lock (/run/lock), which can be mounted as a separate
  tmpfs on /run/lock if RAMLOCK is set in /etc/defaults/rcS.
 
 Do you mean that the meaning of RAMLOCK has completely changed?
 Currently, `man rcS` gives:
 
   RAMLOCK
   Make /var/lock/ available as a ram file system (tmpfs).
   Will also  disable cleaning of /var/lock/  during boot.
   Set to 'yes'  to enable, to 'no' to  disable.  The size
   of  the tmpfs  can be  controlled using  TMPFS_SIZE and
   LOCK_SIZE  in  /etc/default/tmpfs.   Because  of  this,
   packages  can not  expect directories  in /var/lock  to
   exist after  boot.  Packages  expecting this  are buggy
   and need to be fixed.
 
 I consider completely changing it a serious bug, may I suggest
 deprecating it completely and adding a new variable instead?  I guess
 the same should be applied to RAMRUN, i.e. simply deprecate it.

With the patch as it stands at present, RAMRUN is deprecated.  /run
is always a tmpfs; RUN_SIZE will set its size, as before.

RAMLOCK is unchanged, except for the fact that it's mounted on
/run/lock rather than /var/lock.  Likewise, LOCK_SIZE is unchanged
in its meaning.

We could introduce new variables for /run such as RUNLOCK, but given
that it does exactly what it used to do, I don't think it gains us
anything.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Jan Hauke Rahm]

On Tue, Apr 12, 2011 at 07:47:35PM +0100, Roger Leigh wrote:
 With the patch as it stands at present, RAMRUN is deprecated.  /run
 is always a tmpfs; RUN_SIZE will set its size, as before.

Hmm, just thinking... vServers don't really allow mounting AFAIK as that
would be the host's job. Wouldn't making /run a tmpfs in every case
conflict here? Or am I jumping around nonsense now...?

Hauke

-- 
 .''`.   Jan Hauke Rahm j...@debian.org   www.jhr-online.de
: :'  :  Debian Developer www.debian.org
`. `'`   Member of the Linux Foundationwww.linux.com
  `- Fellow of the Free Software Foundation Europe  www.fsfe.org


signature.asc
Description: Digital signature

Re: [Pkg-samba-maint] Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Tue, Apr 12, 2011 at 07:44:54AM -0700, Steve Langasek wrote:
 On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote:
  On Mon, Apr 11, 2011 at 08:01:42PM +0100, Roger Leigh wrote:
   With the transition to /run and /run/lock as tmpfs filesystems, it
   would be desirable to provide sensible default size limits.  Currently,
   we default to the tmpfs default of ½ RAM.  But with several tmpfs
   filesystems, this does have the potential for the system to be OOMed
   by a user filling up more than one of the filesystems.  A sensible
   default size limit would be useful here, for at least some of the
   filesystems.
 
   We currently allow specification of size limits for:
   /run (RUN_SIZE)
   /run/lock (LOCK_SIZE, optional)
   /dev/shm (SHM_SIZE)
   /tmp (TMP_SIZE, optional)
 
   [from temporary git repo at 
   http://git.debian.org/?p=collab-maint/sysvinit;a=summary]
 
   In order to default to a sensible size, I would appreciate it if I
   could have some figures for the useage of these filesystems: e.g.
 
   % sudo du -sk /var/run /var/lock /dev/shm
 
  /var/run: Most systems use just 1-200 KiB.  A few use a lot (tens of
  MiB).  The large users appear to be Samba, which creates a number of
  .tdb files under /var/run in addition to pidfiles; presumably on
  very busy systems, these can grow to be quite large.  I guess they
  are transient state, but is /var/run the appropriate place for them?
 
 Yes, it is, per the FHS.

I thought so at well; I just wanted to check, given that it's the main
user of space under /run.

  Without taking Samba into consideration, 10MiB would be more than
  plenty for all but the most extreme uses.  Allowing for Samba, we need
  at least 30MiB, and potentially 50MiB for a good safety margin.  Any
  comments from the Samba maintainers?
 
 I would like to know what real-world problem you're trying to solve by
 limiting the size of these filesystems.  Have you had actual reports of
 users running into trouble with the current half-of-RAM default filling up?
 I've never heard such a thing.  This is a root-only filesystem, so if the
 user has a service that wants that much space for temp files, why impose
 additional limits?

Resources are limited, and there's always a size limit.  But we
currently ignore the issue by simply accepting the kernel defaults,
which are far, far too large (but on a very low memory system, might
equally be too small).  We can of course continue to do so; this
doesn't directly cause problems--the space isn't actually claimed until
used--but there is the potential for the lack of consideration for the
real usage requirements to be abused.

For filesystems such as /run/lock, we can safely set a limit for it.
e.g. 2MiB would be fine; it's several hundred times the typical usage.
Having it sized at 4GiB (as is the case on my 8GiB desktop) is clearly
just too large.  We should be able to set a more sensible default than
that.  Current usage on my system: 12 KiB...  The same applies to
/lib/init/rw (currently 4GiB also; actual usage 8 KiB).

Having multiple tmpfses with the kernel defaults means that a user or
badly written program could intentionally or accidentally lock up the
machine by using all available memory by filling up one or more of the
tmpfses.  And the majority /are/ user writable by default, even /run
(via /var/lock, which is not a separate mount by default--maybe it
should be?).  /dev/shm is user writable, /tmp is user writable.

This isn't a new problem; users could always fill up /var before now
as well (by default).  But now they can lock up the system rather
than just using up free disc space.

  If the problem is that multiple tmpfs are mounted and
 each can expand to half-of-RAM, either reduce the number of tmpfses
 presented (as discussed), or limit the *whole* allocation for known mount
 points to half-of-RAM and partition appropriately, or both.  But imposing
 stricter limits than necessary based on survey data is just wrong.

I wasn't wanting to impose strict limits, but a sensible default
based upon what was commonly used, with a big margin on top of that,
to ensure the limit would never be hit in practice.

For /var/run, 100MiB would be plenty more than would ever be required
for the vast majority of users.  But the suggestion of computing it
as a fraction of core+swap is a good one (perhaps with a minimum
limit).  

As you state above, reducing the total number of tmpfses would be
useful--we can then have one or two with sysadmin (or kernel) set
limits, so an individual directory won't have an outrageously
small limit that might be reached.

For this reason, I've adapted the patch to move /dev/shm to /run/shm;
it's configurable whether this is a separate tmpfs mount, or simply
a subdirectory of /run, and the size is also configurable as before
(SHM_SIZE, with RAMSHM as the option to toggle the mounting).  We
could additionally allow /tmp to be moved under /run/tmp, so that
all existing tmpfs mounts could share a single 

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Tue, Apr 12, 2011 at 09:07:48PM +0200, Jan Hauke Rahm wrote:
 On Tue, Apr 12, 2011 at 07:47:35PM +0100, Roger Leigh wrote:
  With the patch as it stands at present, RAMRUN is deprecated.  /run
  is always a tmpfs; RUN_SIZE will set its size, as before.
 
 Hmm, just thinking... vServers don't really allow mounting AFAIK as that
 would be the host's job. Wouldn't making /run a tmpfs in every case
 conflict here? Or am I jumping around nonsense now...?

I know little about vservers.  How do they currently deal with
/dev/shm and /lib/init/rw?


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Jan Hauke Rahm]

On Tue, Apr 12, 2011 at 08:21:25PM +0100, Roger Leigh wrote:
 On Tue, Apr 12, 2011 at 09:07:48PM +0200, Jan Hauke Rahm wrote:
  On Tue, Apr 12, 2011 at 07:47:35PM +0100, Roger Leigh wrote:
   With the patch as it stands at present, RAMRUN is deprecated.  /run
   is always a tmpfs; RUN_SIZE will set its size, as before.
  
  Hmm, just thinking... vServers don't really allow mounting AFAIK as that
  would be the host's job. Wouldn't making /run a tmpfs in every case
  conflict here? Or am I jumping around nonsense now...?
 
 I know little about vservers.  How do they currently deal with
 /dev/shm and /lib/init/rw?

Interesting question. Actually, in my setup, I don't see /dev/shm at
all and /lib/init/rw is a regular directory.

Hauke

-- 
 .''`.   Jan Hauke Rahm j...@debian.org   www.jhr-online.de
: :'  :  Debian Developer www.debian.org
`. `'`   Member of the Linux Foundationwww.linux.com
  `- Fellow of the Free Software Foundation Europe  www.fsfe.org


signature.asc
Description: Digital signature

Re: [Pkg-samba-maint] Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Tue, Apr 12, 2011 at 08:19:59PM +0100, Roger Leigh wrote:
 On Tue, Apr 12, 2011 at 07:44:54AM -0700, Steve Langasek wrote:
   If the problem is that multiple tmpfs are mounted and
  each can expand to half-of-RAM, either reduce the number of tmpfses
  presented (as discussed), or limit the *whole* allocation for known mount
  points to half-of-RAM and partition appropriately, or both.
 
 For this reason, I've adapted the patch to move /dev/shm to /run/shm;
 it's configurable whether this is a separate tmpfs mount, or simply
 a subdirectory of /run, and the size is also configurable as before
 (SHM_SIZE, with RAMSHM as the option to toggle the mounting).  We
 could additionally allow /tmp to be moved under /run/tmp, so that
 all existing tmpfs mounts could share a single tmpfs (I haven't
 done this yet).  Currently we mount a tmpfs on /tmp if RAMTMP=yes
 or root is mounted read-only, but we could move it under /run.

I should add here that while the other distributions have moved
/var/run and /var/lock under /run, they have not moved /dev/shm
or /tmp.  I'm not sure what the consensus is on doing either of
these, so I haven't put either into the proposed patch yet.

I think the question to answer here is whether or not /dev/shm
and /tmp offer the same lifetime policies as /var/run and /var/lock,
and whether or not they logically fit under the same heirarchy.
The first is clearly the case: they can all be on tmpfs.  Whether
they logically fit is not so clear.

I think that if we have /run/lock, /run/shm makes sense (how different
are locks and POSIX semaphores?  They are just a different type of
lock (broadly).  And shared memory is ephemeral state, just like
samba's state etc.).  So I would argue that it does fit.  But this
isn't a universally held opinion.  Is there any rationale against
doing this?

I'm not as sure about /run/tmp, though all the files under /run
are strictly temporary, they are pretty much all system files
rather than being owned by users (though /run/lock and /run/shm
would be user-writable;  however, there are proposals to restrict
access to /lock as on Fedora).


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: [Pkg-samba-maint] Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Tollef Fog Heen]

]] Roger Leigh 

| I think that if we have /run/lock, /run/shm makes sense (how different
| are locks and POSIX semaphores?  They are just a different type of
| lock (broadly).  And shared memory is ephemeral state, just like
| samba's state etc.).  So I would argue that it does fit.  But this
| isn't a universally held opinion.  Is there any rationale against
| doing this?

/dev/shm is POSIX shared memory, not just semaphores, afaik?

| I'm not as sure about /run/tmp, though all the files under /run
| are strictly temporary, they are pretty much all system files
| rather than being owned by users (though /run/lock and /run/shm
| would be user-writable;  however, there are proposals to restrict
| access to /lock as on Fedora).

I'd rather not make /tmp a tmpfs, and there's no reason for it to live
under /run.  It might also reasonably be namespaced for different users
and so on, so moving it somewhere else than /tmp is, IMO, silly.

-- 
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/8739lns05d@qurzaw.varnish-software.com

Re: [Pkg-samba-maint] Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Philipp Kern]

On 2011-04-12, Roger Leigh rle...@codelibre.net wrote:
 Having multiple tmpfses with the kernel defaults means that a user or
 badly written program could intentionally or accidentally lock up the
 machine by using all available memory by filling up one or more of the
 tmpfses.  And the majority /are/ user writable by default, even /run
 (via /var/lock, which is not a separate mount by default--maybe it
 should be?).  /dev/shm is user writable, /tmp is user writable.

How is that different from lock-ups due to fork bombs?  If the admin cares, he
can still fence his users.  (Like DSA do on their machines by setting a sane
tmpfs size limit.)

Kind regards
Philipp Kern


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/slrniq9d38.phd.tr...@kelgar.0x539.de

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Luca Capello]

Hi there!

On Tue, 12 Apr 2011 20:47:35 +0200, Roger Leigh wrote:
 On Tue, Apr 12, 2011 at 08:12:21PM +0200, Luca Capello wrote:
 On Tue, 12 Apr 2011 13:38:03 +0200, Roger Leigh wrote:
  Josh Triplett suggested that we could use a single tmpfs on /run and
  have the rest as symlinks into /run, with potentially a separate
  tmpfs for user-writable filesystems to prevent a user DoS.  This idea
  does have merit, and we could make it the default.  We currently do
  this for /var/lock (/run/lock), which can be mounted as a separate
 ^^
  tmpfs on /run/lock if RAMLOCK is set in /etc/defaults/rcS.
 ^
 
 Do you mean that the meaning of RAMLOCK has completely changed?
 Currently, `man rcS` gives:
 
  RAMLOCK
  Make /var/lock/ available as a ram file system (tmpfs).
^^^
[...]
 I consider completely changing it a serious bug, may I suggest
 deprecating it completely and adding a new variable instead?  I guess
 the same should be applied to RAMRUN, i.e. simply deprecate it.

 With the patch as it stands at present, RAMRUN is deprecated.  /run
 is always a tmpfs; RUN_SIZE will set its size, as before.

Fair enough and, FWIW, fully agree.

 RAMLOCK is unchanged, except for the fact that it's mounted on
 /run/lock rather than /var/lock.

No, /var/lock changed *substantially*, given that it is now *by default*
(on) a tmpfs, regardless if RAMLOCK is set or not.  Which means that
RAMLOCK as it was explained is useless, thus my question about your
words underlined above: which can be mounted as a separate tmpfs on
/run/lock if RAMLOCK is set in /etc/defaults/rcS.

I do not have any idea which variable could be straightforward,
something like LOCK_OWN_TMPFS...

 Likewise, LOCK_SIZE is unchanged in its meaning.

Again, I found it changed: how can you define LOCK_SIZE if /run/lock is
on the same tmpfs than /run?

 We could introduce new variables for /run such as RUNLOCK, but given
 that it does exactly what it used to do, I don't think it gains us
 anything.

Fully agree, and FWIW it was not what I was asking for ;-)

Thx, bye,
Gismo / Luca


pgpSzEfAuUZ7U.pgp
Description: PGP signature

Re: [Pkg-samba-maint] Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Tue, Apr 12, 2011 at 10:08:30PM +0200, Tollef Fog Heen wrote:
 ]] Roger Leigh 
 
 | I think that if we have /run/lock, /run/shm makes sense (how different
 | are locks and POSIX semaphores?  They are just a different type of
 | lock (broadly).  And shared memory is ephemeral state, just like
 | samba's state etc.).  So I would argue that it does fit.  But this
 | isn't a universally held opinion.  Is there any rationale against
 | doing this?
 
 /dev/shm is POSIX shared memory, not just semaphores, afaik?

Yes, it's used for both.

 | I'm not as sure about /run/tmp, though all the files under /run
 | are strictly temporary, they are pretty much all system files
 | rather than being owned by users (though /run/lock and /run/shm
 | would be user-writable;  however, there are proposals to restrict
 | access to /lock as on Fedora).
 
 I'd rather not make /tmp a tmpfs, and there's no reason for it to live
 under /run.  It might also reasonably be namespaced for different users
 and so on, so moving it somewhere else than /tmp is, IMO, silly.

One reason for doing this is to have a single writable mount on the
system, which might be useful for tiny systems with minimal
resources, where root is r/o.  On such a system, it might be useful
to pool the limited writable space (which might not be a tmpfs).

This isn't a common use case, but one of the considerations in the
patch is to make read-only root possible, and since one of the
changes is to automatically mount a tmpfs on /tmp if root is
read-only, I thought it was worth asking the question if it could be
shared with the existing tmpfs filesystems on the system.  While a
tmpfs on /tmp isn't going to be the default, the patch does add
support for it (RAMTMP).


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: [Pkg-samba-maint] Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Tue, Apr 12, 2011 at 08:22:00PM +, Philipp Kern wrote:
 On 2011-04-12, Roger Leigh rle...@codelibre.net wrote:
  Having multiple tmpfses with the kernel defaults means that a user or
  badly written program could intentionally or accidentally lock up the
  machine by using all available memory by filling up one or more of the
  tmpfses.  And the majority /are/ user writable by default, even /run
  (via /var/lock, which is not a separate mount by default--maybe it
  should be?).  /dev/shm is user writable, /tmp is user writable.
 
 How is that different from lock-ups due to fork bombs?  If the admin
 cares, he can still fence his users.  (Like DSA do on their machines
 by setting a sane tmpfs size limit.)

It's something which is entirely preventable, and while it's possible
for sysadmins to set the limits to something sane, I would really
like to have something sane by default when this is possible.  And
for some of the filesystems in question, this is totally safe to do.
Others like /var/run do vary somewhat more, but it should still be
possible to do better than existing practice.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Re: Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

On Tue, Apr 12, 2011 at 10:35:37PM +0200, Luca Capello wrote:
 Hi there!
 
 On Tue, 12 Apr 2011 20:47:35 +0200, Roger Leigh wrote:
  On Tue, Apr 12, 2011 at 08:12:21PM +0200, Luca Capello wrote:
  On Tue, 12 Apr 2011 13:38:03 +0200, Roger Leigh wrote:
   Josh Triplett suggested that we could use a single tmpfs on /run and
   have the rest as symlinks into /run, with potentially a separate
   tmpfs for user-writable filesystems to prevent a user DoS.  This idea
   does have merit, and we could make it the default.  We currently do
   this for /var/lock (/run/lock), which can be mounted as a separate
  ^^
   tmpfs on /run/lock if RAMLOCK is set in /etc/defaults/rcS.
  ^
  
  Do you mean that the meaning of RAMLOCK has completely changed?
  Currently, `man rcS` gives:
  
 RAMLOCK
 Make /var/lock/ available as a ram file system (tmpfs).
 ^^^
 [...]
  I consider completely changing it a serious bug, may I suggest
  deprecating it completely and adding a new variable instead?  I guess
  the same should be applied to RAMRUN, i.e. simply deprecate it.
 
  With the patch as it stands at present, RAMRUN is deprecated.  /run
  is always a tmpfs; RUN_SIZE will set its size, as before.
 
 Fair enough and, FWIW, fully agree.
 
  RAMLOCK is unchanged, except for the fact that it's mounted on
  /run/lock rather than /var/lock.
 
 No, /var/lock changed *substantially*, given that it is now *by default*
 (on) a tmpfs, regardless if RAMLOCK is set or not.  Which means that
 RAMLOCK as it was explained is useless, thus my question about your
 words underlined above: which can be mounted as a separate tmpfs on
 /run/lock if RAMLOCK is set in /etc/defaults/rcS.
 
 I do not have any idea which variable could be straightforward,
 something like LOCK_OWN_TMPFS...
 
  Likewise, LOCK_SIZE is unchanged in its meaning.
 
 Again, I found it changed: how can you define LOCK_SIZE if /run/lock is
 on the same tmpfs than /run?

If you set RAMLOCK=yes, then /run/lock is a *separate* tmpfs
of size LOCK_SIZE, *exactly* like the /var/lock tmpfs mount
(it's the same code with s/var/run/g).  So the actual behaviour of this
option is entirely unchanged bar the switch from /var/lock to
/run/lock.

So by default, /run and /run/lock are on the same tmpfs.  But
if you set RAMLOCK=yes, you'll get a second tmpfs mounted on
/run/lock.  So yes, /run/lock will always be on a tmpfs filesystem,
that's obviously the main point of the patch.  But the sysadmin can
configure the size of /run/lock separately should they choose to do so
(especially since it's user-writable by default).


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature

Default size limits for /run (/var/run) and /run/lock (/var/lock)

[Roger Leigh]

With the transition to /run and /run/lock as tmpfs filesystems, it
would be desirable to provide sensible default size limits.  Currently,
we default to the tmpfs default of ½ RAM.  But with several tmpfs
filesystems, this does have the potential for the system to be OOMed
by a user filling up more than one of the filesystems.  A sensible
default size limit would be useful here, for at least some of the
filesystems.

We currently allow specification of size limits for:
/run (RUN_SIZE)
/run/lock (LOCK_SIZE, optional)
/dev/shm (SHM_SIZE)
/tmp (TMP_SIZE, optional)

[from temporary git repo at 
http://git.debian.org/?p=collab-maint/sysvinit;a=summary]

In order to default to a sensible size, I would appreciate it if I
could have some figures for the useage of these filesystems: e.g.

% sudo du -sk /var/run /var/lock /dev/shm

for a variety of systems (desktop, server, large samba setup, very
large and busy systems, minimal environments etc.).  We want to be
sure the default is sane for all but the most extreme outliers,
where the sysadmin would need to configure a bigger value as the
default.  A sensible size for /tmp would also be useful, but this
obviously varies widely.  Note this is for a tmpfs /tmp, which is
not mounted by default (only defaults if root is read-only).

Thanks for any feedback (any stats can be sent directly to me to
avoid flooding the list).  I'd just like the output of the above
command, plus a small description of what the system is for
(size, major services etc.) for context.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


signature.asc
Description: Digital signature