相关:
LImiting overall memory usage for child processes
有没有办法让非特权用户或root用户允许非特权用户创建系统范围(或systemd管理的其他控制组),以便范围的内存使用受到限制,并且限制可由用户?
或者,为什么这不能达到上述效果:
$systemd-run --scope --user --unit=limit-test.scope bash
Running as unit limit-test.scope.
$systemctl show --user limit-test.scope |grep Mem
MemoryAccounting=no
MemoryLimit=18446744073709551615
$systemctl set-property --user limit-test.scope MemoryAccounting=yes
$systemctl set-property --user limit-test.scope MemoryLimit=100M
$systemctl show --user limit-test.scope |grep Mem
MemoryAccounting=yes
MemoryLimit=104857600
$python
>>> a = [1]*1000000000 # happily eats 7.4G of RAM
我正在使用systemd 215在Debian unstable上测试它.内核是3.18.2并使用所需的支持进行编译,我相信:
$zgrep -E 'CGROUP|MEMCG' /proc/config.gz
CONFIG_CGROUPS=y
# CONFIG_CGROUP_DEBUG is not set
CONFIG_CGROUP_FREEZER=y
CONFIG_CGROUP_DEVICE=y
CONFIG_CGROUP_CPUACCT=y
CONFIG_MEMCG=y
CONFIG_MEMCG_SWAP=y
CONFIG_MEMCG_SWAP_ENABLED=y
CONFIG_MEMCG_KMEM=y
# CONFIG_CGROUP_HUGETLB is not set
CONFIG_CGROUP_PERF=y
CONFIG_CGROUP_SCHED=y
CONFIG_BLK_CGROUP=y
# CONFIG_DEBUG_BLK_CGROUP is not set
CONFIG_NETFILTER_XT_MATCH_CGROUP=m
CONFIG_NET_CLS_CGROUP=y
CONFIG_CGROUP_NET_PRIO=y
CONFIG_CGROUP_NET_CLASSID=y
/etc/systemd.system.conf设置这些参数,但没有别的:
DefaultCPUAccounting=yes
DefaultBlockIOAccounting=yes
DefaultMemoryAccounting=yes
我真正想要实现的是一种RSS限制,作为一个非特权用户,一个进程(或一组进程),而不限制虚拟内存,即ulimit -v out.