diff options
| author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2019-04-12 12:12:18 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-04-12 12:12:18 +0200 |
| commit | 15de23a0b24f6073d527c6a8c22556ad5101a160 (patch) | |
| tree | 15f818cbcac07db827c09f3b61df10d2bac5e986 | |
| parent | 25f31130f37098d84d7dbd2027901a74b9f81140 (diff) | |
| parent | 6af905832418cbb68ddebfced3a876c57808132c (diff) | |
| download | systemd-15de23a0b24f6073d527c6a8c22556ad5101a160.tar.gz systemd-15de23a0b24f6073d527c6a8c22556ad5101a160.tar.bz2 systemd-15de23a0b24f6073d527c6a8c22556ad5101a160.zip | |
Merge pull request #12289 from poettering/news-pid-max
NEWS: explain the kernel.pid_max sysctl change
| -rw-r--r-- | NEWS | 23 |
1 files changed, 22 insertions, 1 deletions
@@ -1,5 +1,26 @@ systemd System and Service Manager +CHANGES WITH 243 in spe: + + * The "kernel.pid_max" sysctl is now bumped to 4194304 by default, + i.e. the full 22bit range the kernel allows, up from the old 16bit + range. This should improve security and robustness a bit, as PID + collisions are made less likely (though certainly still + possible). There are rumours this might create compatibility + problems, though at this moment no practical ones are known to + us. Downstream distributions are hence advised to undo this change in + their builds if they are concerned about maximum compatibility, but + for everybody else we recommend leaving the value bumped. Besides + improving security and robustness this should also simplify things as + the maximum number of allowed concurrent tasks was previously bounded + by both "kernel.pid_max" and "kernel.threads-max" and now only a + single knob is left ("kernel.threads-max"). There have been concerns + that usability is affected by this change because larger PID numbers + are harder to type, but we believe the change from 5 digit PIDs to 7 + digit PIDs is not too hampering for usability. + + … + CHANGES WITH 242: * In .link files, MACAddressPolicy=persistent (the default) is changed @@ -69,7 +90,7 @@ CHANGES WITH 242: * Two new conditions for units have been added: ConditionMemory= may be used to conditionalize a unit based on installed system RAM. ConditionCPUs= may be used to conditionalize a unit based on - install CPU cores. + installed CPU cores. * The @default system call filter group understood by SystemCallFilter= has been updated to include the new rseq() system call introduced in |