On Wed, 2010-11-03 at 19:54 -0700, David Rientjes wrote:
> On Thu, 4 Nov 2010, Figo.zhang wrote:
>
> > In your new heuristic, you also get CAP_SYS_RESOURCE to protection.
> > see fs/proc/base.c, line 1167:
> > if (oom_score_adj < task->signal->oom_score_adj &&
> > !capable(CAP_SYS_RESOURCE)) {
> > err = -EACCES;
> > goto err_sighand;
> > }
>
> That's unchanged from the old behavior with oom_adj.
>
> > so i want to protect some process like normal process not
> > CAP_SYS_RESOUCE, i set a small oom_score_adj , if new oom_score_adj is
> > small than now and it is not limited resource, it will not adjust, that
> > seems not right?
> >
>
> Tasks without CAP_SYS_RESOURCE cannot lower their own oom_score_adj,
CAP_SYS_RESOURCE == 1 means without resource limits just like a
superuser,
CAP_SYS_RESOURCE == 0 means hold resource limits, like normal user,
right?
a new lower oom_score_adj will protect the process, right?
Tasks without CAP_SYS_RESOURCE, means that it is not a superuser, why
user canot protect it by oom_score_adj?
like i want to protect my program such as gnome-terminal which is
without CAP_SYS_RESOURCE (have resource limits),
[figo@myhost ~]$ ps -ax | grep gnome-ter
Warning: bad ps syntax, perhaps a bogus '-'? See
http://procps.sf.net/faq.html
2280 ? Sl 0:01 gnome-terminal
8839 pts/0 S+ 0:00 grep gnome-ter
[figo@myhost ~]$ cat /proc/2280/oom_adj
3
[figo@myhost ~]$ echo -17 > /proc/2280/oom_adj
bash: echo: write error: Permission denied
[figo@myhost ~]$
so, i canot protect my program.
> otherwise it can trivially kill other tasks. They can, however, increase
> their own oom_score_adj so the oom killer prefers to kill it first.
>
> I think you may be confused: CAP_SYS_RESOURCE override resource limits.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxxx For more info on Linux MM,
see: http://www.linux-mm.org/ .
Fight unfair telecom policy in Canada: sign http://dissolvethecrtc.ca/
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>