diff options
| author |  MarkKoz <[email protected]> | 2021-12-20 15:37:24 -0800 |
|---|---|---|
| committer | MarkKoz <[email protected]> | 2021-12-20 15:37:24 -0800 |
| commit | 42583bd985023113c1e2c11160db0ddbe48b2c9e (patch) | |
| tree | 390b6f152d4df9a8acc0ece29d46be3ffbf5e6ab | |
| parent | Update NsJail (diff) | |
Set the max swap size through NsJail
| -rw-r--r-- | config/snekbox.cfg | 1 | ||||
| -rw-r--r-- | snekbox/utils/cgroup.py | 5 |
2 files changed, 2 insertions, 4 deletions
diff --git a/config/snekbox.cfg b/config/snekbox.cfg index 3a4cc67..a1caf68 100644 --- a/config/snekbox.cfg +++ b/config/snekbox.cfg @@ -105,6 +105,7 @@ mount { } cgroup_mem_max: 52428800 +cgroup_mem_swap_max: 0 cgroup_mem_mount: "/sys/fs/cgroup/memory" cgroup_pids_max: 5 diff --git a/snekbox/utils/cgroup.py b/snekbox/utils/cgroup.py index 9828310..bdc2fe0 100644 --- a/snekbox/utils/cgroup.py +++ b/snekbox/utils/cgroup.py @@ -89,12 +89,9 @@ def get_version(config: NsJailConfig) -> int: def init_v2(config: NsJailConfig) -> None: - """Ensure cgroupv2 children have controllers enabled and memory swapping is disabled.""" + """Ensure cgroupv2 children have controllers enabled.""" cgroup_mount = Path(config.cgroupv2_mount) - # Swap has to be disabled since NsJail doesn't do it. - (cgroup_mount / "memory.swap.max").write_text("0") - # If the root's subtree_control already has some controllers enabled, # no further action is necessary. if (cgroup_mount / "cgroup.subtree_control").read_text().strip(): |