nixpkgs/modules/system
Eelco Dolstra 7579933824 * Don't mount /dev/cgroup with the "ns" subsystem. If it's mounted,
then every unshare(CLONE_NEWNS) system call causes a new entry to be
  created in /dev/cgroup/<pid>, which is not removed automatically.
  This can cause subsequent calls to unshare() to fail if the PID has
  wrapped around.  Worse, a large number of entries in /dev/cgroup
  causes a very substantial system slowdown: doing 10,000
  fork()/unshare(CLONE_NEWNS)/exit() calls took 21s without the "ns"
  subsystem, but 2m43s with it, and the system slows down permanently
  until the entries in /dev/cgroup are removed (going to a load of > 6
  on my laptop).

  This is particularly important for Nix because its chroot feature
  uses unshare(CLONE_NEWNS).  (http://yellowgrass.org/issue/Nix/219)

svn path=/nixos/trunk/; revision=27216
2011-05-11 09:33:24 +00:00
..
activation * Don't mount /dev/cgroup with the "ns" subsystem. If it's mounted, 2011-05-11 09:33:24 +00:00
boot * "stage1panic" -> "stage1panic=1" to get rid of a harmless warning. 2011-04-08 14:42:35 +00:00
etc * Remove some dead code. 2011-03-31 21:21:55 +00:00
upstart * Added an option `system.upstartEnvironment' to add a variable to all 2011-01-09 22:00:41 +00:00
upstart-events Adding a wake on lan module. 2010-12-02 20:23:45 +00:00