On Mon, Oct 05, 2009 at 05:47:50PM +0000, Tom Judge wrote: > Julian Elischer wrote: > >Tom Judge wrote: > >>Hi, > >> > >>Does anyone know of a patch that will add per jail memory limits so > >>that a jail can't swallow the resources of the entire box? > >> > >> > >>Thanks > >> > >>Tom > >>_______________________________________________ > >>freebsd-current_at_freebsd.org mailing list > >>http://lists.freebsd.org/mailman/listinfo/freebsd-current > >>To unsubscribe, send any mail to > >>"freebsd-current-unsubscribe_at_freebsd.org" > > > > > >not yet.. > > > > I started to port this to 7.1 today: > > http://wiki.freebsd.org/JailResourceLimits > > > What are the peoples opinions on this patch? Since r194766, we have precise accounting for the anonymous memory, both globally and per-uid. If current jails infrastructure allows to set per-jail limits (and I suspect that it is), then you should just match these two facilities. The seemingly problematic thing is processes changing their jails. It can be done similar to how the uid accounting is done currently, by remembering which jail was charged in corresponding vm map entry and object.
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:56 UTC