LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Quotas for tmpfs

Quotas for tmpfs

Posted Nov 11, 2011 16:50 UTC (Fri) by nix (subscriber, #2304)
In reply to: Quotas for tmpfs by RogerOdle
Parent article: Quotas for tmpfs

What may be preferable is to group ordinary users together as far as the tmp file system is concerned.
You mean, group quotas, which have existed for as long as user quotas?

(Log in to post comments)

Quotas for tmpfs

Posted Nov 12, 2011 20:52 UTC (Sat) by Tobu (subscriber, #24111) [Link]

Or ballooning, like ext's policy of keeping the last 5% available for only root.

Quotas for tmpfs

Posted Nov 13, 2011 1:26 UTC (Sun) by giraffedata (subscriber, #1954) [Link]

What's appropriate for limiting tmpfs depends entirely on the specific problems you're trying to avoid, which we haven't established.

The classic Unix system which is used by multiple persons, each with a unique userid, are very rare now. On a system like that, a per-userid quota would make sense, though, to prevent a malicious user from denying service to others.

But multiuser systems today typically have multiple persons acting through the same userid (which owns a server process). On those, per-userid quota isn't much use.

Besides malicious attack, another great use of tmpfs space limitation is to limit the risk of an inadvertent runaway process. A per-process resource limit is a sensible way to do that.

Reserving space for root is a particularly ham-handed way protect system integrity, since root isn't all that special. It often uses space on behalf of unprivileged unimportant users, for one thing. And other userids are often critical to the system (there's no point in all those system management things running if the web server can't, after all).

There already is a great facility for protecting a process from another process' indiscriminate use of tmpfs space: make a tmpfs filesystem just for him. Any serious program ought either to respect the TMPDIR environment variable or provide some other means of directing the location of temporary files.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds