| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGAVQTE8JSPNimS_HU9-p8dCz2jw40YUEDwkU0BSn_ZZg_PhRA@mail.gmail.com> Date: Thu, 1 Mar 2012 16:38:37 -0600 From: C Anthony Risinger <anthony@...x.me> To: Mike Galbraith <efault@....de> Cc: Vivek Goyal <vgoyal@...hat.com>, Kay Sievers <kay.sievers@...y.org>, Frederic Weisbecker <fweisbec@...il.com>, containers@...ts.linux-foundation.org, Michal Schmidt <mschmidt@...hat.com>, linux-kernel@...r.kernel.org, Christoph Hellwig <hch@...radead.org>, Lennart Poettering <lennart@...ttering.net>, Tejun Heo <tj@...nel.org>, cgroups@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: [RFD] cgroup: about multiple hierarchies On Thu, Mar 1, 2012 at 4:04 PM, Mike Galbraith <efault@....de> wrote: > On Thu, 2012-03-01 at 16:02 -0500, Vivek Goyal wrote: >> On Thu, Mar 01, 2012 at 09:26:43PM +0100, Mike Galbraith wrote: > >> > Q: you say systemd requires CONFIG_CGROUPS=y. Why is that? It's taking >> > over sysvinits job afaiui, what does that have to do with cgroups? >> >> I think they were using it to track all the children forked by a service >> and cleanup all of them if need be. So they just need it for logical >> grouping functionality and don't require any controllers as such. > > Hm. Controllers are perhaps not required, but cpu controller was > configured and used without consent. I didn't receive an offer. AFAIK it does in fact only require `name` cgroup for it's own monitoring purposes. i believe the systemd folks also tried (and are trying? see TODO) to get PR_SET_ANCHOR merged upstream: https://lkml.org/lkml/2010/2/2/165 ... which is a sort of recursive/persistent parenting flag; without that or cgroups, there is no way to reliably supervise processes under Linux. the other problem is there is no way for a process to enumerate the available cgroups -- IIRC a list had to be hard-coded in systemd sources -- and mounting the cgroupfs without specifying a specific subsystem simply mounts everything in one whack. you should be able to tell systemd to ignore that specific controller, or tell it to use existing mounts. i for one have been using it *exclusively* on my personal machines/home servers [archlinux] and am very pleased ... it's very flexible and gives you an unprecedented level of control and introspection into the system (man systemd.*) ... i can create new services in about 3-5 lines. ... obviously this thread is not about systemd, but since it makes such extensive use of cgroup facilities it only proves to highlight it's deficiencies. i think the notes and practices systemd has established should be viewed as a good reference for what's clumsy, at the very least, and should not be attributed to systemd, but to cgroups. -- C Anthony -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists