Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S266966AbTGGMIh (ORCPT ); Mon, 7 Jul 2003 08:08:37 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S266972AbTGGMIf (ORCPT ); Mon, 7 Jul 2003 08:08:35 -0400 Received: from mail-in-01.arcor-online.net ([151.189.21.41]:15244 "EHLO mail-in-01.arcor-online.net") by vger.kernel.org with ESMTP id S266966AbTGGMI1 (ORCPT ); Mon, 7 Jul 2003 08:08:27 -0400 From: Daniel Phillips To: Mel Gorman Subject: Re: 2.5.74-mm1 Date: Mon, 7 Jul 2003 14:24:06 +0200 User-Agent: KMail/1.5.2 Cc: Jamie Lokier , Andrew Morton , Linux Kernel Mailing List , Linux Memory Management List References: <20030703023714.55d13934.akpm@osdl.org> <200307060414.34827.phillips@arcor.de> In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200307071424.06393.phillips@arcor.de> Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1556 Lines: 39 On Monday 07 July 2003 12:00, Mel Gorman wrote: > On Sun, 6 Jul 2003, Daniel Phillips wrote: > > > > What are you going to do if you have one > > > > application you want to take priority, re-nice the other 50? > > > > > > Is that effective? It might be just the trick. > > > > Point. > > Alternatively, how about using PAM to grant the CAP_SYS_NICE capability to > known interactive users that require it. Presumably the number of users > that require it is very small (in the case of the music player, only one) > so it wouldn't be a major security issue. And set up distros to grant it by default. Yes. The problem I see is that it lets user space priorities invade the range of priorities used by root processes. What's really needed is a range of negative priorities available to normal users that are not normally used by root. In retrospect, the idea of renicing all the applications but the realtime one doesn't work, because it doesn't take care of applications started afterwards. > There is something along these lines at http://www.pamcap.org but it > requires some patching to the kernel (only available against 2.4.18 > currently) to inherit capabilities across exec and, from what I gather at > a quick glance, to allow capabilities to be set for a process group. Regards, Daniel - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/