* Lennart Poettering: > On Fr, 19.10.18 09:12, Florian Weimer (fweimer@xxxxxxxxxx) wrote: > >> >> (cross-posting to devel and desktop lists, ideally reply to both) >> > >> > Coincidentally, at All Systems Go! in Berlin last week I had some >> > discussions with kernel people about RLIMIT_NOFILE defaults. They >> > basically suggested that the memory and performance cost of large >> > numbers of fds on current kernels is cheap, and that we should bump >> > the hard limit in systemd for all userspace processes. >> >> Which kernel version is that? Is that a new patch? Or some older >> kernel? >> >> It's definitely not true for kernel 4.18, see the script I posted. > > I inquired Tejun Heo about this all, this is what he replied: > So, yeah, if we'd use cgroupv2 on Fedora, then everything would be > great (unfortunately the container messiness blocks that for now). But > as long as we don't, lifting the fd limit is not really making things > worse, given that there are tons of other easily exploitable ways to > acquire untracked memory... How does cgroupv2 solve this if we do not configure hard limits for the user session? I don't want us to go back to static resource allocation for applications, similar to what System 9 did. Anyway, the problem suggests to me that the default soft limit should not be raised until the kernel gets better recovery, so that applications won't trigger the issue by accident. Thanks, Florian _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx