Michał Kowalczyk
16b4416d75
Add disable_tsc
option
...
Implemented via prctl(PR_SET_TSC, PR_TSC_SIGSEGV, ...).
2022-02-17 23:53:13 +01:00
Philip
bf93e8a25d
cgroup2: use cgroup_mem_swap_max and cgroup_mem_memsw_max
2021-11-01 10:28:41 +01:00
Johan Kartiwa
29a556068a
Add support for setting cgroup memory.memsw.limit_in_bytes
2021-10-11 15:46:36 +02:00
Robert Swiecki
d6b9357e6b
config.proto: renumerate fields
2021-08-10 19:17:33 +02:00
Wiktor Garbacz
8e13a76b99
Fix duplicate field number
2021-08-04 10:25:38 +02:00
Wiktor Garbacz
95e112cf41
Fix formatting
2021-08-03 17:46:08 +02:00
Wiktor Garbacz
4136dd50d8
Merge branch 'use_switchroot'
2021-08-03 17:44:57 +02:00
Eli Zrihen
7aace9bdc6
rtprio, msgqueue - defaulting to 'soft'
2021-07-20 16:00:13 +03:00
Eli Zrihen
b83d6f7421
Renaming use_switchroot option with no_pivotroot
2021-07-20 15:45:58 +03:00
Eli Zrihen
9f4b4f41e7
Consistentency with RLIMIT_* constant name
2021-07-20 15:20:47 +03:00
Eli Zrihen
0f903ba9a0
Added rt, memlock & msgq limits
2021-07-19 17:21:34 +03:00
Eli Zrihen
dab1713ac9
Added use_switchroot option
2021-06-17 14:57:01 +03:00
Eli Zrihen
5c8b3835b7
MACVLAN modes support
2021-06-16 16:59:12 +03:00
Robert Swiecki
d1f332b911
Enable support for clone3() and for CLONE_NEWTIME
2021-05-18 14:38:01 +02:00
Robert Swiecki
056809ed3b
Initial support for CLONE_NEWTIME
2021-05-11 14:48:45 +02:00
Philip Papurt
32f2287fbb
net: add support for max_conns
2021-02-09 17:13:35 -05:00
Robert Swiecki
7ca0657316
config.proto: make indent
2020-07-28 14:03:27 +02:00
Robert Swiecki
0a5a5296dd
config.proto: renumerate config fields
2020-07-28 14:02:34 +02:00
Disconnect3d
5d103e595a
Fixes #146 : cgroups_mem_max unit in config.proto
...
This commit fixes the incorrect cgroups_mem_max unit described in a config.proto comment.
We do not perform any calculations on this value and we don't specify the values unit (k/M/G) when writing to memory cgroup controller files, so the value is specified in bytes.
2020-07-16 14:43:43 +02:00
Robert Swiecki
a2d5b07c76
config: remove deprecated config options
2020-07-09 17:28:56 +02:00
Disconnect3d
7f9ed1ba12
Fix default rlimit_stack value
...
The default `rlimit_stack` value was set to 1048576. However, this value is in MiB and so is later multiplied by 1024*1024 in b3d544d155/config.cc (L161-L162)
and it ends up as a limit of 1 TB for the stack size.
This PR changes it to 8 MB which is a more sane default or, at least I took it from my virtual machine's ulimits:
```
$ ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 31175
max locked memory (kbytes, -l) 16384
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 31175
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
```
2019-12-07 17:05:45 +01:00
Robert Swiecki
b3d544d155
config: simplify log/logfd setting
2019-10-02 19:43:58 +02:00
Lukasz Milewski
0bc575063b
Fix typo in config.proto: s/lofs/logs/
2019-09-06 15:08:30 -07:00
Robert Swiecki
e2c5c59bd3
standardize on envar vs envvar
2019-08-28 22:18:58 +02:00
Robert Swiecki
fe762a37b9
config.proto: move disable_rl higher
2019-08-19 14:28:45 +02:00
Jay Lees
86293b052e
Add flag to disable rlimits
2019-08-05 03:25:22 -07:00
Robert Swiecki
b120acd5b5
make indent depend
2019-08-04 09:50:34 +02:00
Jay Lees
08f62b6f76
[cgroup-v2] support cgroup v2 for mem, cpu and pids
2019-07-26 07:02:17 -07:00
Robert Swiecki
494a5f63cd
Add nice_level to cmd-line/config options
2019-06-30 21:50:56 +02:00
Robert Swiecki
317555b687
user: don't fail on setgroup() if not groups were specified
2019-06-28 13:31:43 +02:00
Robert Swiecki
1f022a2187
config.proto: Exe.path is required
2019-04-01 22:43:17 +02:00
Robert Swiecki
2b1bad6b5b
cmdline: allow to override config cmdline with cmdline cmdline
2019-03-30 16:10:14 +01:00
Robert Swiecki
9fe225dbe2
mnt: use /run/usr/<uid> first when mounting dirs
2019-03-18 16:37:04 +01:00
Robert Swiecki
8059747016
subproc: save/restore errno when printing error message twice
2019-03-12 17:07:24 +01:00
Robert Swiecki
9b8d91bd7f
incrase the default RLIMIT_AS limit to 4GiB. 512MiB is not enough for many payloas, and cgroups should be used for memory limiting anyway
2019-02-06 17:06:42 +01:00
Robert Swiecki
432c38ad23
cmdline: clarify cgroup_cpu_ms_per_sec
2018-12-05 14:35:16 +01:00
Robert Swiecki
ddd515e890
config.proto: renumber the fields
2018-11-08 07:09:41 +01:00
Robert Swiecki
625e36f912
config.proto: comments
2018-11-06 17:30:04 +01:00
Robert Swiecki
c7dd18c612
cmdline: add ability to passthrough current envvars
2018-10-28 17:15:55 +01:00
Wiktor Garbacz
7fe87b41c7
code formatting
2018-10-24 10:31:14 +02:00
Micky Del Favero
303f7ab7f0
Remove duplicate code
...
Signed-off-by: Micky Del Favero <micky@BeeCloudy.net>
2018-10-23 22:24:43 +02:00
Micky Del Favero
233a7296fe
Added --macvlan_vs_ma switch to be able to set macvlan's mac-address.
...
Signed-off-by: Micky Del Favero <micky@BeeCloudy.net>
2018-10-23 15:05:50 +02:00
Disconnect3d
760350d788
Update config.proto
2018-07-31 23:10:05 +02:00
Disconnect3d
755626f543
Update config.proto
2018-07-31 23:09:24 +02:00
Wiktor Garbacz
ba14675185
mnt: added nosuid/nodev/noexec flags to config
...
Closes #70
2018-07-27 11:29:15 +02:00
Robert Swiecki
272a85477a
config: Implement --stderr_to_null
2018-06-25 03:12:27 +02:00
Robert Swiecki
111481532b
config: add --iface_own to the proto config
2018-06-03 03:19:40 +02:00
Robert Swiecki
48e8634ba5
config: add support for seccomp_log
2018-05-23 15:38:45 +02:00
Robert Swiecki
0e4f623456
config.proto: deprecated --chroot and friends
2018-04-29 00:51:55 +02:00
Robert Swiecki
5a35f00e28
mnt: move mnt_t to std::string
2018-02-11 23:44:43 +01:00