4

I would like to limit memory usage for Chromium (/bin/chromium-browser) and Firefox (/bin/firefox) for all users.

Before moving to Fedora I was using cgroups for that. However, I heard that on Fedora cgroups are deprecated. How can I set limit of 1GB RAM without cgroups?

EDIT: I have tried doing it with cgroups.

/etc/cgconfig.conf

group browsers { memory { memory.limit_in_bytes = 1024m; memory.memsw.limit_in_bytes = 1024m; memory.soft_limit_in_bytes = 1024m; } }

/etc/cgrules.conf

*:/bin/chromium-browser memory browsers

but after 

sudo service cgconfig start systemctl status cgconfig.service

I am receiving

● cgconfig.service - Control Group configuration service Loaded: loaded (/usr/lib/systemd/system/cgconfig.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Sun 2018-06-24 13:41:07 CEST; 29min ago Process: 9239 ExecStart=/usr/sbin/cgconfigparser -l /etc/cgconfig.conf -s 1664 (code=exited, status=87) Main PID: 9239 (code=exited, status=87) Jun 24 13:41:07 me systemd[1]: Starting Control Group configuration service... Jun 24 13:41:07 me cgconfigparser[9239]: /usr/sbin/cgconfigparser; error loading /etc/cgconfig.conf: Cgroup, operation not allowed Jun 24 13:41:07 me systemd[1]: cgconfig.service: Main process exited, code=exited, status=87/n/a Jun 24 13:41:07 me systemd[1]: cgconfig.service: Failed with result 'exit-code'. Jun 24 13:41:07 me systemd[1]: Failed to start Control Group configuration service.

I will be happy with either working cgroups or alternative approach without cgroups.

Improve this question
4

3 Answers 3

Reset to default
7

Another approach is to use systemd-run and MemoryHigh resource control, like

systemd-run --user --no-block -p MemoryHigh=1G firefox

MemoryHigh is a feature of CGroup V2 and is not deprecated. As explained in systemd.resource-control(5) manpage we must let systemd use CGroup V2. To do this, we have to add systemd.unified_cgroup_hierarchy=1 to GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grun then run update-grub. Please note that this resource control is broken and does not work in some versions of systemd, e.g. v239 (where a workaround is also available).

Improve this answer
1

You could validate syntax of your files interactively:

$ sudo cgconfigparser -l /etc/cgconfig.conf -s 640 -t your-uid:your-gid

You need to create the cgroup and associate permissions

$ sudo cgcreate -a your-uid:your-gid -t your-uid:your-gid -g memory:browsers

Then try to start your browser with cgroups active: 

$ cgexec -g memory:/browsers /bin/chromium-browser
Improve this answer
0

Maybe timeout can help you: https://github.com/pshved/timeout

From the github page:

-t T - set up CPU+SYS time limit to T seconds

-m M - set up virtual memory limit to M kilobytes

So you have to run timeout -m 1000000 /bin/chromium-browser for example.

You could replace the application starter/menu entry to run the above command for more convenience.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.