Package: libpam-modules Version: 1.1.0-4 Severity: wishlist File: pam_limits
In practice, it is silly not to have a default limit for the maximum address space of a process. Once a process exceeds the size of the RAM, things slow down dramatically. Once a process exceeds RAM + swap space, the system is toast. The trouble is, that if a process starts running away, allocating too much memory, then the computer sits there thrashing, and it's often impossible to log in (if the OOM killer kills sshd) or painfully slow. In such a situation, it is not unusual for minutes to pass before a shell prompt appears, and the only reasonable solutions are to either kill the offending process or hit the power button. Far better to kill the runaway process before the situation gets that bad. So, there should be a default address space limit. >From experiment, setting a limit at min(RAM*1.2, RAM+0.5*swapspace) is a good place. At that point, the system is (almost always) thrashing, but (usually) not badly enough as to force a shutdown. This is a fairly conservative limit: often you'd want to kill the process much earlier. Someone who didn't like the limit could easily over-ride it in /etc/default/limits.conf . Note that this only handles the case where a single process runs away. Obviously, if you had 3 or 4 identical processes, the system could run out of memory much earlier. So, it only a partial solution, but it will handle a common case. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (990, 'testing'), (500, 'testing-proposed-updates') Architecture: i386 (i686) Kernel: Linux 2.6.30-2-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libpam-modules depends on: ii debconf [debconf-2.0] 1.5.28 Debian configuration management sy ii libc6 2.10.2-2 GNU C Library: Shared libraries ii libdb4.7 4.7.25-8 Berkeley v4.7 Database Libraries [ ii libpam0g 1.1.0-4 Pluggable Authentication Modules l ii libselinux1 2.0.89-4 SELinux runtime shared libraries libpam-modules recommends no packages. libpam-modules suggests no packages. -- debconf information: libpam-modules/disable-screensaver: -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
