Re: Limit resources of a group of users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fr, 28.02.25 13:38, Seva Epsteyn (seva@xxxxxxxxxxxx) wrote:

> Hi,
>
> I am trying to find a way to limit the combined resources of some, but not
> all, users. For example all non root users should be limited to 90% of
> memory.
>
> I can drop in config via user.slice.d which limits all users combined, or
> user-.slice.d which limits each user separately, but can not figure out a
> way to limit all non root users or say users in a group 'foo'.

This is simply not supported at the moment.

The goal was always to eventually allow to configure for each user
individually which slice to assign it to, but this still isn't
implemented. It's not entirely trivial because the cgroup path
currently carries information: our API calls sd_pid_get_session() or
sd_pid_get_owner_uid() parse this information from the cgroup paths,
and hence we cannot randomly change them around as these functions
would then start to fail.

This could be dealt with these days relatively nicely: we could attach
xattrs on the cgroups which give us the necessary information in a
better way than deriving it from the arrangement of the cgroup
paths. But so far noone has sat down implementing this.

TLDR: yes, we think doing this would be good, and we know how, but so
far noone did the work.

Sorry if that's disappointing.

Lennart

--
Lennart Poettering, Berlin
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux