From: Manfred Spraul <manfred@colorfullife.com>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
LKML <linux-kernel@vger.kernel.org>,
Davidlohr Bueso <davidlohr.bueso@hp.com>,
Michael Kerrisk <mtk.manpages@gmail.com>,
Rafael Aquini <aquini@redhat.com>, Rik van Riel <riel@redhat.com>,
1vier1@web.de, serge@hallyn.com,
containers@lists.linux-foundation.org
Subject: Re: [PATCH 3/3] ipc namespace: copy settings from parent namespace
Date: Tue, 12 Aug 2014 22:39:05 +0200 [thread overview]
Message-ID: <53EA7B69.9060800@colorfullife.com> (raw)
In-Reply-To: <877g2ec7tg.fsf@x220.int.ebiederm.org>
Hi Eric,
On 08/12/2014 12:37 PM, Eric W. Biederman wrote:
> Manfred Spraul <manfred@colorfullife.com> writes:
>
> Sigh. Patches for new code during the merge window. It is a really
> rotten time to look at new things.
>
>> Right now, each new IPC namespace starts with the kernel default values.
>> This means that changes that were made to the limits get overwritten.
>>
>> With this patch, a new namespace inherits the settings from the parent
>> namespace, which is less surprising.
> In principle I agree.
>
> In practice I have to ask what have you done to survey applications
> that use the ipc namespace to see if they will break with this change in
> semantics.
I know this is the wrong answer, but:
What I find are problems caused by the current behavior.
See e.g.:
https://bugzilla.redhat.com/show_bug.cgi?id=1004724
Some background:
The e.g. sysvshm limits were not updated for many years and many
applications only ran properly if sysvshm limits are increased.
(now the defaults are large, but only since ~3.15)
Increasing is simple: sysctl kernel.shmmax=<>, but somehow this
must happen inside the container.
Right now, the most common approach seems to be the solution from the
bugzilla above:
Just marc /proc as read-write and do it manually.
With the patch, the kernel would propagate the value from parent to child.
--
Manfred
next prev parent reply other threads:[~2014-08-12 20:39 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-12 7:29 [PATCH 0/3] ipc: Further updates to sysv/mqueue limits Manfred Spraul
2014-08-12 7:29 ` [PATCH 1/3] ipc/msg: increase MSGMNI, remove scaling Manfred Spraul
2014-08-12 7:29 ` [PATCH 2/3] ipc/sem.c: increase SEMMSL, SEMMNI, SEMOPM Manfred Spraul
2014-08-12 7:29 ` [PATCH 3/3] ipc namespace: copy settings from parent namespace Manfred Spraul
2014-08-12 10:37 ` Eric W. Biederman
2014-08-12 20:39 ` Manfred Spraul [this message]
2014-08-15 13:42 ` Rafael Aquini
2014-08-15 13:42 ` [PATCH 2/3] ipc/sem.c: increase SEMMSL, SEMMNI, SEMOPM Rafael Aquini
2014-08-15 13:41 ` [PATCH 1/3] ipc/msg: increase MSGMNI, remove scaling Rafael Aquini
-- strict thread matches above, loose matches on Subject: below --
2014-05-29 18:46 [PATCH 0/3] ipc: Further updates to sysv/mqueue limits Manfred Spraul
2014-05-29 18:46 ` [PATCH 1/3] ipc/msg: increase MSGMNI, remove scaling Manfred Spraul
2014-05-29 18:46 ` [PATCH 2/3] ipc/sem.c: increase SEMMSL, SEMMNI, SEMOPM Manfred Spraul
2014-05-29 18:46 ` [PATCH 3/3] ipc namespace: copy settings from parent namespace Manfred Spraul
2014-06-05 12:54 ` Michael Kerrisk (man-pages)
2014-06-06 13:57 ` Serge E. Hallyn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53EA7B69.9060800@colorfullife.com \
--to=manfred@colorfullife.com \
--cc=1vier1@web.de \
--cc=akpm@linux-foundation.org \
--cc=aquini@redhat.com \
--cc=containers@lists.linux-foundation.org \
--cc=davidlohr.bueso@hp.com \
--cc=ebiederm@xmission.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mtk.manpages@gmail.com \
--cc=riel@redhat.com \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox