Setting CPU limits
This is a discussion on Setting CPU limits within the Linux Security forums, part of the System Security and Security Related category; Hi all, I'm trying to limit the CPU usage of my users. I have modified my /etc/security/limits....
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
06-29-2005
|
|||
|
|||
Setting CPU limits
Hi all,
I'm trying to limit the CPU usage of my users. I have modified my /etc/security/limits.conf file and added the following lines: @student hard nproc 20 @student hard cpu 10 First, is 10 minutes a riduclously small amount of CPU time to give to students? Second, and more importantly, does modifying the limits.conf file require a reboot to take effect? Thanks. -Greg 
|
|
06-30-2005
|
|||
|
|||
|
Re: Setting CPU limits
In comp.os.linux.security mrmazoo@gmail.com:
> Hi all, > I'm trying to limit the CPU usage of my users. I have modified my > /etc/security/limits.conf file and added the following lines: > @student hard nproc 20 > @student hard cpu 10 > First, is 10 minutes a riduclously small amount of CPU time to give to > students? Depends on what they are doing, you might need some trial/error to find an acceptable value. > Second, and more importantly, does modifying the limits.conf file > require a reboot to take effect? Of course not.;) But you need to log out users, limits are applied during login. -- Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94) mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/' #bofh excuse 434: Please state the nature of the technical emergency
|
|
07-04-2005
|
|||
|
|||
|
Re: Setting CPU limits
mrmazoo@gmail.com wrote:
> Hi all, > > I'm trying to limit the CPU usage of my users. I have modified my > /etc/security/limits.conf file and added the following lines: > > @student hard nproc 20 > @student hard cpu 10 > > First, is 10 minutes a riduclously small amount of CPU time to give to > students? When I was a lowly computer science under-grad, the faculty only gave us 10 minutes CPU time on their big-ass 8-cpu Solaris box (the imitable "banshee"). We rarely got bounced doing real work - but there was that threaded matrix multiplication assignment where we needed to spawn a thread for each row of a 100,000x100,000 matirx pair....that never worked - we'd run outta CPU time around half way through. ;) > Second, and more importantly, does modifying the limits.conf file > require a reboot to take effect? No. But new limits wont take effect until the affected users log out and back in again. James -- Please remain calm, it's no use both of us being hysterical at the same time.
|
|
07-04-2005
|
|||
|
|||
|
Re: Setting CPU limits
On 03.07.2005, Centurion <spam.this@nowhere.tld> wrote:
> mrmazoo@gmail.com wrote: > >> Hi all, >> >> I'm trying to limit the CPU usage of my users. I have modified my >> /etc/security/limits.conf file and added the following lines: >> >> @student hard nproc 20 >> @student hard cpu 10 >> >> First, is 10 minutes a riduclously small amount of CPU time to give to >> students? > > When I was a lowly computer science under-grad, the faculty only gave us 10 > minutes CPU time on their big-ass 8-cpu Solaris box (the imitable > "banshee"). > > We rarely got bounced doing real work - but there was that threaded matrix > multiplication assignment where we needed to spawn a thread for each row of > a 100,000x100,000 matirx pair....that never worked - we'd run outta CPU > time around half way through. ;) Have you thought about saving work just before time runs out? One of first things I thought up is to set soft limit for CPU to one or two seconds below hard limit (man getrlimit, man setrlimit) and catch SIGXCPU signal (man signal, man sigaction) to save data and exit gracefully. Then you could run program again and restore state from the file. -- Feel free to correct my English Stanislaw Klekot
|
|
07-09-2005
|
|||
|
|||
|
Re: Setting CPU limits
Thanks for the replies, all.
If the limits don't seem to be having any effect, what might be the problem? I have a user that keeps running a distributed net program in his home directory, and when he does it pretty much chews up all the available CPU cycles. He then goes to work, or school, or sleep, or whatever, and lets it run. I'd like to come up with a solution that doesn't involve asking him to stop, or forcing him to stop. In any case, the entries in /etc/security/limits.conf don't seem to be doing anything. Thanks in advance. -Greg
|
|
07-11-2005
|
|||
|
|||
|
Re: Setting CPU limits
So, I'm trying to test this out and, like I said, setting CPU limits of
10 minutes in limits.conf doesn't seem to be working. I put myself in the student group, logged out and logged back in and: 2:39pm up 40 days, 4:46, 1 user, load average: 0.24, 0.26, 0.20 91 processes: 90 sleeping, 1 running, 0 zombie, 0 stopped CPU0 states: 14.0% user, 14.0% system, 0.0% nice, 71.0% idle CPU1 states: 0.0% user, 0.0% system, 0.0% nice, 100.0% idle Mem: 1030556K av, 844920K used, 185636K free, 0K shrd, 316164K buff Swap: 1574328K av, 21044K used, 1553284K free 445916K cached PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM CTIME COMMAND 13586 gregg 15 0 1072 1072 816 R 43.9 0.1 14:22 top Sorry if this isn't formatted very well. Notice the CTIME value of 14:22. The limit is set at 10 minutes. Not sure what I am doing wrong. Can anyone help me out? Thank you. I considered asking the user to use nice, but I'd rather not deal with users on an individual basis if I don't have to. And I don't want to rely on 19 year old script-kiddies honoring my requests. -Greg
|
|
07-11-2005
|
|||
|
|||
|
Re: Setting CPU limits
On 11.07.2005, MrMazoo <mrmazoo@gmail.com> wrote:
> So, I'm trying to test this out and, like I said, setting CPU limits of > 10 minutes in limits.conf doesn't seem to be working. I put myself in > the student group, logged out and logged back in and: > [top garbage] > > PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM CTIME COMMAND > 13586 gregg 15 0 1072 1072 816 R 43.9 0.1 14:22 top > > Sorry if this isn't formatted very well. Notice the CTIME value of > 14:22. The limit is set at 10 minutes. > > Not sure what I am doing wrong. It's OK. Note that limit of 10 minutes is for used CPU time, not for how long ago was the process created. Try setting 1 minute limit and run something like perl -e 'do {} while 1' -- Feel free to correct my English Stanislaw Klekot
|
|
07-11-2005
|
|||
|
|||
|
Re: Setting CPU limits
I will try that, Stanislaw, but according to the top man page:
TIME Total CPU time the task has used since it started. If cumulative mode is on, this also includes the CPU time used by the process's children which have died. You can set cumulative mode with the S command line option or toggle it with the interactive command S. The header line will then be changed to CTIME. So, it seems that CTIME is the CPU time and not just the real time since the process was started. I'll try what you suggested and let you know. -Greg
|
|
07-12-2005
|
|||
|
|||
|
Re: Setting CPU limits
Ok, set limit on cpu time to 1:
@student hard nproc 20 @student hard cpu 1 @student soft core 0 However: 10:00am up 41 days, 8 min, 2 users, load average: 1.13, 0.50, 0.19 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT gregg pts/0 host.mydomain 9:57am 2:50 2:50 2:50 perl -e do {} w Sorry for being a pain. I feel like this is something idiotic that I am missing. This may be a stupid question, but how do I know that pam is running? -Greg
|
Linear Mode
