Hello, There are many basic ways to control processes, including capabilities, cgroups and resource limits. However, there are far fewer ways to find out useful values for the limits, except blind trial and error. This patch series attempts to fix that by giving at least a nice starting point for configuration of PID and device cgroups. Thanks to the commenters for the previous version. -Topi Topi Miettinen (2): cgroup_pids: track highwater mark of pids device_cgroup: track and present accessed devices kernel/cgroup_pids.c | 51 ++++++++++++++++++++++++++-- security/device_cgroup.c | 86 ++++++++++++++++++++++++++++++++++++++---------- 2 files changed, 117 insertions(+), 20 deletions(-) -- 2.8.1 -- To unsubscribe from this list: send the line "unsubscribe cgroups" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
