I've implemented[1] support for setting sysctl(7) nodes (both global and
per-process) on the work-in-progress config branch.
The syntax is fairly self-explanatory. For per-process settings, use
rc[].netbsd.sysctl{}, for global settings use netbsd.sysctl{}, each of
which is an object with key/value pairs. The former will prepend
'proc.curproc.' to each key and apply the settings at process creation
time. For details refer to doc/config.md[2].
A couple of things which I'd like some review on:
1) Setting rlimits via sysctl() doesn't work terribly well due to the split
of 'hard' and 'soft' limit into separate keys. To actually increase a limit
you'd have to specify it twice in the config, and ensure 'hard' always gets
set before 'soft' which is impossible to guarantee as JSON objects are
unordered.
Possible ways to resolve this:
a) Don't bother setting rlimits via sysctl and implement a separate config
block for this, using setrlimit() to set both limits in a single call. This
would mean yet more partially-redundant code in config and rumprun, so not
my preferred option.
b) For rumprun, eliminate the distinction between hard and soft limits
altogether, so, the user would specify only (for example)
'rlimit.descriptors', rumprun (probabaly the config module) would
internally translate that to two rumprun_sysctlw()[3] calls, setting
'rlimit.descriptors.hard' and 'rlimit.descriptors.soft' to the same value.
2) Adding more per-process settings needs a way to pass them to the
rumprun() invocation. I'm currently winging this by adding parameters to
that interface[4], but that won't scale. Any thoughts on what the internal
interfaces and separation of concerns between config and rumprun should
look like? Antti, perhaps we should do a design session on this so that we
don't shoot ourselves in the foot?
[1]
https://github.com/rumpkernel/rumprun/commit/0dfc5d8d2a7f8623f748831551111e67ac39036a
[2]
https://github.com/rumpkernel/rumprun/blob/mato-wip-rumprun-config/doc/config.md
[3]
https://github.com/rumpkernel/rumprun/commit/0dfc5d8d2a7f8623f748831551111e67ac39036a#diff-166cd740bff1529841f2228a2d845ac4R351
[4]
https://github.com/rumpkernel/rumprun/commit/0dfc5d8d2a7f8623f748831551111e67ac39036a#diff-166cd740bff1529841f2228a2d845ac4R247
