-
-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
memory pressure documentation - requires CAP_SYS_RESOURCE #29723
Comments
ugh this is a pain, as it makes it impossible to run services using user namespaces, can that be reverted? |
actually turns out it's not, there's a bug, the cgroup maintainers will take care of it shortly thankfully |
bluca
added
not-a-bug
and removed
RFE 🎁
Request for Enhancement, i.e. a feature request
labels
Oct 26, 2023
I'm very relieved. Thank you. |
fix in 6.7-rc2 under "sched: psi: fix unprivileged polling against cgroups" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Component
systemd
Is your feature request related to a problem? Please describe
Sorry to say, at the same time you where adding MEMORY_PRESSURE PSI path by environment variable, Google limited it to services with CAP_SYS_RESOURCE capabilities - https://lore.kernel.org/all/20230303011346.3342233-1-surenb@google.com/ (effectively same patch in kernel).
Describe the solution you'd like
Stopgap documentation update to say SYS_RESOURCE is needed.
Advance the idea of providing a AF_UNIX socket so pid with is super capabilities can act as a proxy for less capable(ity) services.
Describe alternatives you've considered
cap_sys_resource for the service and dropping it after the file is memory.pressure is open.
The systemd version you checked that didn't have the feature you are asking for
No response
The text was updated successfully, but these errors were encountered: