On Wed, Apr 9, 2014 at 7:39 PM, Richard Weinberger <rich...@nod.at> wrote: > Am 09.04.2014 19:19, schrieb Tom Gundersen: >> On Mon, Apr 7, 2014 at 9:47 PM, Richard Weinberger <rich...@nod.at> wrote: >>> At least LXC does not allow the container root to change >>> the OOM Score adjust value. >>> >>> Signed-off-by: Richard Weinberger <rich...@nod.at> >>> --- >>> Hi! >>> >>> Within Linux containers we cannot use OOMScoreAdjust nor >>> CapabilityBoundingSet (and maybe >>> more related settings). >>> This patch tells systemd to ignore OOMScoreAdjust if it detects >>> a container. >>> >>> Are you fine with such a change? >>> Otherweise regular distros need a lot of changes in their .service file >>> to make them work within LXC. >>> >>> As detect_virtualization() detects more than LXC we have to find out >>> whether OOMScoreAdjust cannot be used on OpenVZ and other container as well. >>> >>> I'd volunteer to identify all settings and sending patches... >> >> Hm, is there a fundamental reason why this is not possible in >> containers in general, or is it simply an LXC restriction? Regardless, >> would it not be best to simply degrade gracefully and ignore the >> setting with a warning if it fails? See the comment Lennart just >> posted on the recent PrivateNetwork= patch. This sounds like a very >> similar situation. > > Writing to oom_score_adj is disallowed by design within user namespaces. > Please see: https://lkml.org/lkml/2013/4/25/596
But I guess we still want to use this in containers that don't use user namespaces. > I'm also fine with ignoring OOMScoreAdjust if it fails. Sounds like the right way (might be other things like this too I suppose). > All I want is a painless Linux userspace on top of systemd within > my Containers. :-) :) -t _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel