On Thu, Dec 27, 2007 at 12:26:43AM +0900, Junichi Uekawa wrote: Hi Junichi and Ondrej,
> RLIMIT_DATA / RLIMIT_RSS etc look like a good candidate for > memory management. > > As for disk space, RLIMIT_FSIZE looks useful. And 'quota' seems more > like a best match. > > RLIMIT_NPROC looks like a good idea to avoid DoS, although most > packages would avoid endless forkbombs in their build process. I think nor RLIMIT_* nor quota are good solution here because resource usage may change on the host. The pbuilder process must be kill as soon as we know the system is out of resource. About the implementation and to avoid another process maybe the current TIMEOUT code can be merged in a more generic function designed to check the build process. $kill=0 if [ -n $TIMEOUT_TIME ]; then # We lose the second precision with this method but I can't find an alternative # that doesn't block the process if [ "`find /proc/$BUILD_PID -cmin +$(($TIMEOUT_TIME/60)) | wc -l`" -gt 0 ]; then kill=1 fi fi if [ -n $dir_min_free ]; then # disk check here # kill=1 if needed fi if [ -n $mem_min_free ]; then # mem check here # kill=1 if needed fi if [ $kill -eq 1 ]; then # kill the job fi With this solution, it's also possible to had a check with the hook system. Gonéri
signature.asc
Description: Digital signature