Page 1 of 1

processes in chroot have abnormal priority

PostPosted: Tue May 03, 2005 11:13 am
by ashes
Hi. I am using grsecurity with kernel 2.6.11.7, glibc-2.3.5, and gcc-3.4.3. Pentium4, 3Ghz, 1GB ram. I'm using it as a desktop/workstation, running kde.

While compiling packages in chroot I noticed the processes in chroot dominate the machine. The mouse has very poor performance, the software/system has brutal responce time. It doesn't really matter what process it is, it can be make(1) or bzip2(1). Using 'nice -9' doesn't help much. As soon as the process is finished the system performance returns to normal. Running programs outside of chroot is fine.

I have most of the grsecurity options enabled. I am root inside the chroot. I set:
kernel.grsecurity.chroot_caps=0
kernel.grsecurity.chroot_deny_mknod=0
kernel.grsecurity.chroot_deny_chmod=0
kernel.grsecurity.chroot_deny_mount=0
and for x11 I disabled:
CONFIG_GRKERNSEC_KMEM
CONFIG_GRKERNSEC_IO

Everything else in grsecurity and pax is turned on.

Regards
Robert