Setting the MemoryLimit of a user-created systemd scope using cgroups as user

linux debian systemd memory-usage cgroup

Solution 1:

Ok, so the correct answer is that you cannot setup cgroup limits for user processes (at the time of writing this answer, anyway).

Ref from systemd-devel mailing list:

We simply do not support this right now. Unprivileged users do not get access to the cgroup properties of the various controllers right now, simply because this is unsafe.

We can open this up one day, bit by bit but this requires some kernel work, and an OK from Tejun that this is safe.

This was April, 2015, and I'm assuming nothing has changed since.

Solution 2:

It seems to work if done this way:

$ systemd-run --scope --user --unit limit-test.scope -p MemoryAccounting=yes -p MemoryLimit='10M' bash

and then checking the status:

$ systemctl show --user limit-test.scope | grep Mem
MemoryCurrent=18446744073709551615
MemoryAccounting=yes
MemoryLimit=10485760

The key being to pass in the property with the -p flag. Also, note that for user-mode systemd, the relevant file for configuring defaults is actually /etc/systemd/user.conf, and not /etc/systemd/system.conf.

Related

Sendmail is not listening to any port
Whitelist Elastic Load Balancer based on IP [closed]
Root chmod operation not permitted on file
Authenticate with Client SSL Certificate OR basic auth
Transfer files via Powershell Remoting (like scp in linux)
Monitor and collect statistics on TCP connection to src or dst host
Roundcube + Dovecot: SSL errors when trying to log in
Can I detect when a client has disconnected from a CGI?
find command with parameters in variable
How to SSH after remotely restarting Redhat and enter recovery mode?
Should Server Internet Connection be based solely on Internet Speed?
How to run PostgreSQL on CentOS within Docker?