Le lundi 21 mai 2012 à 18:04 +0200, Frederic Crozat a écrit :
> Le mardi 03 avril 2012 à 15:44 +0200, Frederic Crozat a écrit :
> > Le lundi 02 avril 2012 à 22:59 +0200, Lennart Poettering a écrit :
> > > On Fri, 30.03.12 17:20, Frederic Crozat (fcro...@suse.com) wrote:
> > >
> > > > >From 5008080dda662208278c159213adbd5211496043 Mon Sep 17 00:00:00 2001
> > > > From: Frederic Crozat <fcro...@suse.com>
> > > > Date: Thu, 29 Mar 2012 17:53:41 +0200
> > > > Subject: [PATCH 1/2] macro: add newdup macro, equivalent of new +
> > > > memdup but
> > > > type-safe
> > > >
> > > > ---
> > > > src/macro.h | 1 +
> > > > 1 files changed, 1 insertions(+), 0 deletions(-)
> > > >
> > > > diff --git a/src/macro.h b/src/macro.h
> > > > index 19f259e..a85e72d 100644
> > > > --- a/src/macro.h
> > > > +++ b/src/macro.h
> > > > @@ -137,6 +137,7 @@ static inline size_t ALIGN_TO(size_t l, size_t ali)
> > > > {
> > > >
> > > > #define memzero(x,l) (memset((x), 0, (l)))
> > > > #define zero(x) (memzero(&(x), sizeof(x)))
> > > > +#define newdup(x,l) ( (x= new(typeof(*l),1)) ?
> > > > memcpy((x),(l),sizeof(*l)) : NULL)
> > >
> > > Hmm, I was more thinking of a definition much closer to new() and
> > > new0(), without typeof, but with allowing allocation of an array
> > >
> > > #define newdup(t, p, n) ((t*)memdup(p,sizeof(t)*(n)))
> >
> > New version attached, based on your comments.
>
> Rebased version, including a fix to newdup macro which went to git some
> weeks ago.
New version, addressing various comments from irc discussion and with
documentation :)
--
Frederic Crozat <fcro...@suse.com>
SUSE
>From d3b2761ed6a6d0410b9eff66e2e302df76736a25 Mon Sep 17 00:00:00 2001
From: Frederic Crozat <fcro...@suse.com>
Date: Wed, 21 Mar 2012 18:03:40 +0100
Subject: [PATCH] allow system wide limits for services
---
man/systemd.conf.xml | 27 +++++++++++++++++++++++++++
src/core/main.c | 22 ++++++++++++++++++++++
src/core/manager.c | 25 +++++++++++++++++++++++++
src/core/manager.h | 3 +++
src/core/service.c | 8 ++++++++
5 files changed, 85 insertions(+), 0 deletions(-)
diff --git a/man/systemd.conf.xml b/man/systemd.conf.xml
index a110f24..7dfaa18 100644
--- a/man/systemd.conf.xml
+++ b/man/systemd.conf.xml
@@ -182,6 +182,33 @@
effect if a hardware watchdog is not
available.</para></listitem>
</varlistentry>
+
+ <varlistentry>
+ <term><varname>DefaultLimitCPU=</varname></term>
+ <term><varname>DefaultLimitFSIZE=</varname></term>
+ <term><varname>DefaultLimitDATA=</varname></term>
+ <term><varname>DefaultLimitSTACK=</varname></term>
+ <term><varname>DefaultLimitCORE=</varname></term>
+ <term><varname>DefaultLimitRSS=</varname></term>
+ <term><varname>DefaultLimitNOFILE=</varname></term>
+ <term><varname>DefaultLimitAS=</varname></term>
+ <term><varname>DefaultLimitNPROC=</varname></term>
+ <term><varname>DefaultLimitMEMLOCK=</varname></term>
+ <term><varname>DefaultLimitLOCKS=</varname></term>
+ <term><varname>DefaultLimitSIGPENDING=</varname></term>
+ <term><varname>DefaultLimitMSGQUEUE=</varname></term>
+ <term><varname>DefaultLimitNICE=</varname></term>
+ <term><varname>DefaultLimitRTPRIO=</varname></term>
+ <term><varname>DefaultLimitRTTIME=</varname></term>
+ <listitem><para>These settings control
+ various default resource limits for units. See
+ <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry>
+ for details. Use the string
+ <varname>infinity</varname> to
+ configure no limit on a specific
+ resource. They can be overriden in units files
+ using corresponding LimitXXXX parameter.</para></listitem>
+ </varlistentry>
</variablelist>
</refsect1>
diff --git a/src/core/main.c b/src/core/main.c
index 8c25819..20c0f3c 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -85,6 +85,7 @@ static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
static usec_t arg_runtime_watchdog = 0;
static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
+static struct rlimit *arg_default_rlimit[RLIMIT_NLIMITS] = {};
static FILE* serialization = NULL;
@@ -665,6 +666,22 @@ static int parse_config_file(void) {
{ "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
{ "Manager", "RuntimeWatchdogSec", config_parse_usec, 0, &arg_runtime_watchdog },
{ "Manager", "ShutdownWatchdogSec", config_parse_usec, 0, &arg_shutdown_watchdog },
+ { "Manager", "DefaultLimitCPU", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CPU]},
+ { "Manager", "DefaultLimitFSIZE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_FSIZE]},
+ { "Manager", "DefaultLimitDATA", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_DATA]},
+ { "Manager", "DefaultLimitSTACK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_STACK]},
+ { "Manager", "DefaultLimitCORE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_CORE]},
+ { "Manager", "DefaultLimitRSS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RSS]},
+ { "Manager", "DefaultLimitNOFILE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NOFILE]},
+ { "Manager", "DefaultLimitAS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_AS]},
+ { "Manager", "DefaultLimitNPROC", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NPROC]},
+ { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MEMLOCK]},
+ { "Manager", "DefaultLimitLOCKS", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_LOCKS]},
+ { "Manager", "DefaultLimitSIGPENDING",config_parse_limit, 0, &arg_default_rlimit[RLIMIT_SIGPENDING]},
+ { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_MSGQUEUE]},
+ { "Manager", "DefaultLimitNICE", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_NICE]},
+ { "Manager", "DefaultLimitRTPRIO", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTPRIO]},
+ { "Manager", "DefaultLimitRTTIME", config_parse_limit, 0, &arg_default_rlimit[RLIMIT_RTTIME]},
{ NULL, NULL, NULL, 0, NULL }
};
@@ -1472,6 +1489,8 @@ int main(int argc, char *argv[]) {
m->runtime_watchdog = arg_runtime_watchdog;
m->shutdown_watchdog = arg_shutdown_watchdog;
+ manager_set_default_rlimits(m, arg_default_rlimit);
+
if (dual_timestamp_is_set(&initrd_timestamp))
m->initrd_timestamp = initrd_timestamp;
@@ -1631,6 +1650,9 @@ finish:
if (m)
manager_free(m);
+ for (j = 0; j < RLIMIT_NLIMITS; j++)
+ free (arg_default_rlimit[j]);
+
free(arg_default_unit);
strv_free(arg_default_controllers);
free_join_controllers();
diff --git a/src/core/manager.c b/src/core/manager.c
index f8fb8a2..f35bc8b 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -476,6 +476,7 @@ static void manager_clear_jobs_and_units(Manager *m) {
void manager_free(Manager *m) {
UnitType c;
+ int i;
assert(m);
@@ -524,6 +525,12 @@ void manager_free(Manager *m) {
free(m->switch_root);
free(m->switch_root_init);
+ for (i = 0; i < RLIMIT_NLIMITS; i++) {
+ if (m->rlimit[i]) {
+ free (m->rlimit[i]);
+ m->rlimit[i] = NULL;
+ }
+ }
free(m);
}
@@ -2133,6 +2140,24 @@ int manager_set_default_controllers(Manager *m, char **controllers) {
return 0;
}
+int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit) {
+ int i;
+
+ assert(m);
+
+ for (i = 0; i < RLIMIT_NLIMITS; i++) {
+ if (default_rlimit[i]) {
+ m->rlimit[i] = newdup(struct rlimit, default_rlimit[i], 1);
+
+ if (!m->rlimit[i])
+ return -ENOMEM;
+ }
+ }
+
+ return 0;
+}
+
+
void manager_recheck_journal(Manager *m) {
Unit *u;
diff --git a/src/core/manager.h b/src/core/manager.h
index 046540d..9b947c9 100644
--- a/src/core/manager.h
+++ b/src/core/manager.h
@@ -226,6 +226,8 @@ struct Manager {
ExecOutput default_std_output, default_std_error;
+ struct rlimit *rlimit[RLIMIT_NLIMITS];
+
/* non-zero if we are reloading or reexecuting, */
int n_reloading;
@@ -268,6 +270,7 @@ unsigned manager_dispatch_run_queue(Manager *m);
unsigned manager_dispatch_dbus_queue(Manager *m);
int manager_set_default_controllers(Manager *m, char **controllers);
+int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit);
int manager_loop(Manager *m);
diff --git a/src/core/service.c b/src/core/service.c
index 28049a3..fa3a54b 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -110,6 +110,7 @@ static const UnitActiveState state_translation_table[_SERVICE_STATE_MAX] = {
static void service_init(Unit *u) {
Service *s = SERVICE(u);
+ int i;
assert(u);
assert(u->load_state == UNIT_STUB);
@@ -129,6 +130,13 @@ static void service_init(Unit *u) {
s->guess_main_pid = true;
exec_context_init(&s->exec_context);
+ for (i = 0; i < RLIMIT_NLIMITS; i++) {
+ if (UNIT(s)->manager->rlimit[i]) {
+ s->exec_context.rlimit[i] = newdup(struct rlimit, UNIT(s)->manager->rlimit[i], 1);
+ if (!s->exec_context.rlimit[i])
+ return;
+ }
+ }
RATELIMIT_INIT(s->start_limit, 10*USEC_PER_SEC, 5);
--
1.7.7
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
