On Wed, Nov 01, 2006 at 11:31:57AM +0000, Darren J Moffat wrote: > Steve Lawrence wrote: > >On Tue, Oct 31, 2006 at 12:02:58PM -0800, Gary Winiger wrote: > >>>This is how we treat cpu-shares. project 0 in the global zone has > >>>"infinite" > >>>shares. > >>> > >>>This will not help root logins directly, but could by setting: > >>> > >>> usermod -K project=system root > >> Or perhaps deliver root's entry this way to start with. > > > >Would that be a reasonable change to make via patch? Perhaps this change > >could be delivered to nevada, but not backported. > > > >It would be confusing to deliver this change, and also deliver the > >"user.root" > >project. If we made root's default project "system", then the "user.root" > >project should be removed. "user.root" is kind of a bug anyhow, as SMF > >does > >not run root services in "user.root". Currently, only root processes > >spawned > >by login/pam run in "user.root". > > I actually felt that that was an interesting accident that had useful > sideeffects. It would though be better to formalise the distinction > between services SMF starts and logins to root. I think it is actually > a good thing that they are in different projects by default. > > Just because they are in different projects doesn't mean the > configuration of those projects can't be the same.
I'm proposing special kernel treatment of projid 0. Another project cannot be configured to be like this. Are you proposing a new project attribute which means "don't enforce zone rctls"?? -Steve > > -- > Darren J Moffat _______________________________________________ zones-discuss mailing list email@example.com