Bug 1209972
| Summary: | Negative OOMScoreAdjust kills any process in container | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Pavel Raiskup <praiskup> |
| Component: | systemd-container | Assignee: | Lukáš Nykrýn <lnykryn> |
| Status: | CLOSED CANTFIX | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.1 | CC: | jsynacek, linl |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-10-18 11:38:40 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1302191 | ||
We should ignore OOM score in the container. Playing with "/proc/PID/oom_score_adj": # echo -1 > /proc/1/oom_score_adj bash: echo: write error: Permission denied .. it seems like I'm always able to adjust the score with positive values, with --privileged container I'm also able to set negative score. (In reply to Lukáš Nykrýn from comment #2) > We should ignore OOM score in the container. Should not systemd make the setting of oom_score_adj value non-fatal (with warning possibly) for non-privileged containers? Seems like negative value is denied intentionally.. > Should not systemd make the setting of oom_score_adj value non-fatal (with
> warning possibly) for non-privileged containers? Seems like negative value
> is
> denied intentionally..
Well we should do the same what we are doing for similar variables :)
There is no systemd-container in RHEL-7 anymore. |
Any negative value in OOMScoreAdjust kills the command in ExecStart (and others..). There are services with OOMScoreAdjust=-1000 by default like PostgreSQL. container> rpm -q systemd-container systemd-container-208.20-4.el7.x86_64 host> rpm -q docker docker-1.5.0-29.el7.x86_64 host> getenforce Permissive Steps to reproduce: [root@e26a93fe3d94 ~]# cat /usr/lib/systemd/system/oom-fail.service [Unit] Description=test oom fail After=network.target [Service] Type=oneshot OOMScoreAdjust=-1 ExecStart=/usr/bin/true [root@e26a93fe3d94 ~]# systemctl start oom-fail Job for oom-fail.service failed. See 'systemctl status oom-fail.service' and 'journalctl -xn' for details. [root@e26a93fe3d94 ~]# systemctl status oom-fail oom-fail.service - test oom fail Loaded: loaded (/usr/lib/systemd/system/oom-fail.service; static) Drop-In: /run/systemd/system/oom-fail.service.d └─00-docker.conf Active: failed (Result: exit-code) since Wed 2015-04-08 10:37:12 EDT; 1s ago Process: 301 ExecStart=/usr/bin/true (code=exited, status=206/OOM_ADJUST) Main PID: 301 (code=exited, status=206/OOM_ADJUST) Apr 08 10:37:12 e26a93fe3d94 systemd[1]: oom-fail.service: main process exited, code=exited, status=206/OOM_ADJUST Apr 08 10:37:12 e26a93fe3d94 systemd[1]: Failed to start test oom fail. Apr 08 10:37:12 e26a93fe3d94 systemd[1]: Unit oom-fail.service entered failed state. [root@e26a93fe3d94 ~]# journalctl -xn ....... Apr 08 10:39:32 e26a93fe3d94 systemd[1]: Starting test oom fail... -- Subject: Unit oom-fail.service has begun with start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit oom-fail.service has begun starting up. Apr 08 10:39:32 e26a93fe3d94 systemd[307]: Failed at step OOM_ADJUST spawning /usr/bin/true: Permission denied -- Subject: Process /usr/bin/true could not be executed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- The process /usr/bin/true could not be executed and failed. -- -- The error number returned while executing this process is 13. Apr 08 10:39:32 e26a93fe3d94 systemd[1]: oom-fail.service: main process exited, code=exited, status=206/OOM_ADJUST Apr 08 10:39:32 e26a93fe3d94 systemd[1]: Failed to start test oom fail. -- Subject: Unit oom-fail.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit oom-fail.service has failed. -- -- The result is failed. Apr 08 10:39:32 e26a93fe3d94 systemd[1]: Unit oom-fail.service entered failed state.