Re: raise fileno limit to make Steam Proton / Wine+esync work well in Fedora

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Oct 15, 2018 at 7:34 PM Lennart Poettering <mzerqung@xxxxxxxxxxx> wrote:
On Mo, 15.10.18 18:00, Kamil Paral (kparal@xxxxxxxxxx) wrote:

> On Tue, Oct 9, 2018 at 6:15 PM Lennart Poettering <mzerqung@xxxxxxxxxxx>
> wrote:
>
> > On Di, 09.10.18 14:45, Anderson, Charles R (cra@xxxxxxx) wrote:
> >
> > > > It would be nice if somebody managed to find where this is patched in
> > > > Debian. Because I somewhat doubt that they made this change without a
> > > > proper discussion. And Debian is very much server oriented.
> > >
> > > Can we not have the RPM package drop a file in /etc/security/limits.d
> > > to set the limit only when that package is installed?  That way it
> > > only affects users of that package.
> >
> > That only affects stuff that goes through PAM (specifically, all PAM
> > stacks that include pam_limits.so).
> >
> > It is my intention to change this system wide, i.e. for system
> > services (which do not go through PAM) too.
> >
>
> Lennart, what is the path forward here? Should we pull in some security
> experts to give us recommendations on the best default value? Or are those
> conversations already happening somewhere else? Also, do you need any more
> information regarding the Wine esync use case, or has Zebediah provided
> sufficient data?

Please follow the current state of this here:

https://github.com/systemd/systemd/pull/10244

I have been discussing with some upstream kernel folks, and some more
obstacles showed up (specifically, I was advised that we really should
bump fs.file-max and fs.nr_open sysctls to their maximums these days,
as these limits are not really useful anymore given that fd memory is
properly tracked by memcg anyways these days), which I have now
covered in the PR above.

This is waiting for review, but should enter systemd upstream soon,
and will then eventually trickle into Fedora.

Zebediah, do you know about any other outlier except of Google Earth VR for which the newly proposed default limit of 256K wouldn't be sufficient?

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux