diff options
| author | Andrew Morton <akpm@osdl.org> | 2004-05-10 00:09:00 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@ppc970.osdl.org> | 2004-05-10 00:09:00 -0700 |
| commit | cd053a9451232999d2284e2ff23e94a5047e9c70 (patch) | |
| tree | 59a2648a4fe5b45a460be5170c0bfd2eac4d6010 /kernel | |
| parent | 9008d35b80e72edc52a2f3d64cefe4e2ee858329 (diff) | |
| download | history-cd053a9451232999d2284e2ff23e94a5047e9c70.tar.gz | |
[PATCH] Add sysctl to define a hugetlb-capable group
From: "Chen, Kenneth W" <kenneth.w.chen@intel.com>,
"Seth, Rohit" <rohit.seth@intel.com>
This patch addresses the longstanding problem wherein Oracle needs
CAP_IPC_LOCK to allocate SHM_HUGETLB shm memory, but people don't want to run
Oracle as root, and capabilties are busted.
Various ideas with rlimits didn't work out, mainly because these objects live
beyond the lifetime of the user processes which establish them.
What we do is to create root-writeable /proc/sys/vm/hugetlb_shm_group which
specifies a single group ID. Users who belong to that group may allocate
hugepages for SHM_HUGETLB shm segments.
So the sysadmin will greate a new group, say `hugepageusers', will add the
oracle user to that group and will write that group's ID into
/proc/sys/vm/hugetlb_shm_group.
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/sysctl.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 79e7c090673dbd..722a070022e969 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -738,6 +738,14 @@ static ctl_table vm_table[] = { .extra1 = (void *)&hugetlb_zero, .extra2 = (void *)&hugetlb_infinity, }, + { + .ctl_name = VM_HUGETLB_GROUP, + .procname = "hugetlb_shm_group", + .data = &sysctl_hugetlb_shm_group, + .maxlen = sizeof(gid_t), + .mode = 0644, + .proc_handler = &proc_dointvec, + }, #endif { .ctl_name = VM_LOWER_ZONE_PROTECTION, |