On Thu, Feb 14, 2013 at 07:18:49PM +0100, Reindl Harald wrote:
>
>
> >>> CapabilityBoundingSet=~CAP_SYS_PTRACE
> >
> > CONFIG proxy.config.stack_dump_enabled 0
> >
> FYI: "CONFIG proxy.config.stack_dump_enabled 0" resolves the
> instability in context of "CapabilityBoundingSet=~CAP_SYS_PTRACE"
Are you saying that changing either of these fixed your crashes ? If so,
great to know so that I don't push this into the EPEL/Fedora packages!
I should probably do the PrivateTmp and a list of InaccessibleDirectories.
Not quite sure about OOMScoreAdjust and the limits.. I haven't needed
setting any limits myself, and don't really care too much if the
OOM-killer kills my ATS (as this will lead to IP-address failover and
recovery in my config).
-jf
|