systemd and cgroups: heads up
Daniel J Walsh
dwalsh at redhat.com
Thu Aug 26 17:04:33 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/26/2010 09:59 AM, Matthew Miller wrote:
> On Wed, Aug 25, 2010 at 10:13:05PM -0400, Daniel J Walsh wrote:
>>> Hmm, why is libcgroup pulled in by policycoreutils? What's the
>>> rationale?
>> It is used for confining sandboxes.
>
> Having now looked at both projects, it appears to me that they are in
> conflict. They could be made to work side by side, in the same way that
> systemd's cron replacement feature doesn't necessarily mean that you can't
> run traditional crond, but there is significant overlap in terms of
> categorization policy. That is, libcgroup uses cgclassify to put stuff into
> cgroups, whereas systemd uses pam_systemd for users and creates cgroups
> automatically for services.
>
> This overlap doesn't seem good for the distribution.
>
>
> Dan, *could* systemd as it stands provide what you need for sandboxes?
>
>
I don't know. My goal with sandbox was to allow users to startup
sandboxes in such a way that they could be still killed.
Is there a way in cgroups to say
dwalsh gets 80% CPU
Then allow dwalsh to specify sandboxes can only use 80% of His CPU. So
he can kill them.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkx2nqEACgkQrlYvE4MpobP9jQCghPHINsT/EVQb3CpTVwAcQ4B3
mxoAn3TAGBAc6JFSQOioD/LhXpQ4F3n6
=4w6A
-----END PGP SIGNATURE-----
More information about the devel
mailing list