{"id":192,"date":"2008-09-26T22:57:33","date_gmt":"2008-09-26T17:27:33","guid":{"rendered":"http:\/\/brainstorms.in\/?p=192"},"modified":"2008-09-26T23:01:34","modified_gmt":"2008-09-26T17:31:34","slug":"fork-bomb","status":"publish","type":"post","link":"https:\/\/brainstorms.in\/?p=192","title":{"rendered":"Fork bomb"},"content":{"rendered":"<p>We run  our college lab on <a href=\"http:\/\/ltsp.org\">LTSP<\/a> built on Debian Etch. Today, one of our students inadvertently ran a fork bomb and the entire lab was stuck. We had to reboot the system. On examining the code , it was found that he put fork system call in an infinite loop.<\/p>\n<p>A <em>fork bomb is a <\/em> process that \u2018explodes\u2019 by recursively spawning copies of itself. It will eventually eat up all your computing resources .<\/p>\n<p>On Linux systems\u00a0 you can set the maximum number of processes that a\u00a0 user can run.<\/p>\n<p>You can explore your current limits via the ulimit\u00a0 command. This is what I got on my debian etch installation at home.<\/p>\n<pre>sunil@debian:~$ ulimit -a\r\ncore file size          (blocks, -c) 0\r\ndata seg size           (kbytes, -d) unlimited\r\nmax nice                        (-e) 0\r\nfile size               (blocks, -f) unlimited\r\npending signals                 (-i) 4031\r\nmax locked memory       (kbytes, -l) 32\r\nmax memory size         (kbytes, -m) unlimited\r\nopen files                      (-n) 1024\r\npipe size            (512 bytes, -p) 8\r\nPOSIX message queues     (bytes, -q) 819200\r\nmax rt priority                 (-r) 0\r\nstack size              (kbytes, -s) 8192\r\ncpu time               (seconds, -t) unlimited\r\nmax user processes              (-u)\r\nvirtual memory          (kbytes, -v) unlimited\r\nfile locks                      (-x) unlimited<\/pre>\n<p>On my ubuntu desktop I got this.<\/p>\n<pre> sunil@Ubuntu-Hardy:~$ ulimit -a\r\ncore file size          (blocks, -c) 0\r\ndata seg size           (kbytes, -d) unlimited\r\nscheduling priority             (-e) 0\r\nfile size               (blocks, -f) unlimited\r\npending signals                 (-i) 16312\r\nmax locked memory       (kbytes, -l) 32\r\nmax memory size         (kbytes, -m) unlimited\r\nopen files                      (-n) 1024\r\npipe size            (512 bytes, -p) 8\r\nPOSIX message queues     (bytes, -q) 819200\r\nreal-time priority              (-r) 0\r\nstack size              (kbytes, -s) 8192\r\ncpu time               (seconds, -t) unlimited\r\nmax user processes              (-u)\r\nvirtual memory          (kbytes, -v) unlimited\r\nfile locks                      (-x) unlimited<\/pre>\n<p>On debian  the maximum user processes     is    4031  and on ubuntu it is   16312.<\/p>\n<p>ulimit settings can be controlled by \/etc\/security\/limits.conf . The file is commented and self explanatory. Each line in the file is organized like this.<\/p>\n<p>&lt;domain&gt;        &lt;type&gt;  &lt;item&gt;  &lt;value&gt;<\/p>\n<p>Where:<\/p>\n<p>*\u00a0 <strong>&lt;domain&gt; <\/strong> can be:<br \/>\no a user name<br \/>\no a group name, with @group syntax<br \/>\no the wildcard *, for default entry<br \/>\no the wildcard %, can be also used with %group syntax, for maxlogin limit<\/p>\n<p>* <strong>&lt;type&gt;<\/strong> can have the two values:<br \/>\no &#8220;soft&#8221; for enforcing the soft limits<\/p>\n<p>o &#8220;hard&#8221; for enforcing hard limits<br \/>\n* <strong>&lt;item &gt;<\/strong> can be one of the following:<br \/>\no core &#8211; limits the core file size (KB)<br \/>\no data &#8211; max data size (KB)<br \/>\no fsize &#8211; maximum filesize (KB)<br \/>\no memlock &#8211; max locked-in-memory address space (KB)<br \/>\no nofile &#8211; max number of open files<br \/>\no rss &#8211; max resident set size (KB)<br \/>\no stack &#8211; max stack size (KB)<br \/>\no cpu &#8211; max CPU time (MIN)<br \/>\no nproc &#8211; max number of processes<br \/>\no as &#8211; address space limit<br \/>\no maxlogins &#8211; max number of logins for this user<br \/>\no maxsyslogins &#8211; max number of logins on the system<br \/>\no priority &#8211; the priority to run user process with<br \/>\no locks &#8211; max number of file locks the user can hold<br \/>\no sigpending &#8211; max number of pending signals<\/p>\n<p>o msgqueue &#8211; max memory used by POSIX message queues (bytes)<\/p>\n<p>o nice &#8211; max nice priority allowed to raise to<\/p>\n<p>o rtprio &#8211; max realtime priority<br \/>\no chroot &#8211; change root to directory (Debian-specific)<\/p>\n<p>Typical entries\u00a0 in\u00a0 \/etc\/security\/limit.conf can be<\/p>\n<p>*\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0 \u00a0 \u00a0 \u00a0\u00a0 soft\u00a0\u00a0\u00a0 core\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 0<br \/>\n*\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 hard\u00a0\u00a0\u00a0 rss\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 10000<br \/>\n@student\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 hard\u00a0\u00a0\u00a0 nproc\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 20<br \/>\n@faculty\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0\u00a0 soft\u00a0\u00a0\u00a0 nproc\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 20<br \/>\n#@faculty\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 hard\u00a0\u00a0\u00a0 nproc\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 50<\/p>\n<p>There are soft limits and hard limits. Soft limits are default values. However hard limits are\u00a0 enforced via kernel. So a user can change his soft limit up to the hard limit\u00a0\u00a0 using the ulimit command. For details ,RTFM <a href=\"http:\/\/www.ss64.com\/bash\/ulimit.html\" target=\"_blank\">ulimit<\/a>.<\/p>\n<p><a href=\"http:\/\/en.wikipedia.org\/wiki\/Fork_bomb\" target=\"_blank\">This wikipedia article<\/a> is very informative and a must read for all sysadmins. There are lot of\u00a0 example bombs you can try :D.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We run our college lab on LTSP built on Debian Etch. Today, one of our students inadvertently ran a fork bomb and the entire lab was stuck. We had to reboot the system. On examining the code , it was found that he put fork system call in an infinite loop. A fork bomb is&hellip; <a class=\"more-link\" href=\"https:\/\/brainstorms.in\/?p=192\">Continue reading <span class=\"screen-reader-text\">Fork bomb<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"_links":{"self":[{"href":"https:\/\/brainstorms.in\/index.php?rest_route=\/wp\/v2\/posts\/192"}],"collection":[{"href":"https:\/\/brainstorms.in\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/brainstorms.in\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/brainstorms.in\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/brainstorms.in\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=192"}],"version-history":[{"count":0,"href":"https:\/\/brainstorms.in\/index.php?rest_route=\/wp\/v2\/posts\/192\/revisions"}],"wp:attachment":[{"href":"https:\/\/brainstorms.in\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=192"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/brainstorms.in\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=192"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/brainstorms.in\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=192"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}