Hi all,
I brought this up in tor-relay, where I'm keeping most of my relatively easy/low key stuff on getting Tor to work real solidly on the Raspberry Pi. However, the biggest problem I'm having right now (with the latest version) is occasional visits from the OOM killer, usually right after my relay gets a Stable flag and traffic increases. :(
I really need a way to hard-limit the RSS (physical memory usage) of the Tor process.
Would setrlimit(2)[1] work on the Tor process? This is Linux. For those that don't want to cruise the man page, here's the relevant discouraging text which may or may not apple to Tor, from a blog post on limiting memory and CPU time usage on Linux[2]:
Ulimit (the console tool, not the system call) is the first thing a Linux user would think about. You launch it in the shell, set "soft" and "hard" limits for each resource, and children, which are invoked in this shell, are limited in memory and time.
Its limits are imposed like this:
[snip]
Memory limit is set via the same system call. Memory limit is enforced by returning ENOMEM from a violating malloc() syscall. This usually leads to an unhandled exception of sorts, and the program (or its interpreter) is forced to terminate.
If that won't work, how can I achieve this with a high degree of precision? MaxAdvertisedBandwidth *is not* going to cut it for systems that are low on RAM, but have enough CPU horsepower to happily forward a few Mbps.
Thanks much, -Gordon M.