For me its critical to have a reliable remote access to the system. Its not the first time a process stole all my cpu power rendering LuCI and SSHd useless (not responding) whereas the traffic routing still worked.
I want to have these two processes (nginx/sshd) to be realtime priority (SCHED_RR) to have this problem sorted once and for all. Additionally all root (uid 0) processes niceness should be -10.
For the latter problem i've tried to set /etc/security/limits.conf:
root hard priority 29
root hard nice -10
This didn't work though. All root processes were still 'nice 0'.
For the realtime problem i'm out of ideas. The 'chrt' binary is not usable under musl. There are other processes already running as RT/SCHED_FIFO though. They are probably spawned by C API directly. ps ax --format uname,pid,ppid,tty,cmd,cls,ni,pri,rtprio |grep FF
Modify the dropbear init file (and possibly uhttpd *) to start it with high priority. OpenWrt runs most everything as root so you don't want to default all of them.
LuCI shouldn't be considered bombproof / high reliability, etc. Use ssh for emergencies.
You can apply this patch to package/utils/util-linux/Makefile. It will make a "renice" command available which you can use to change the priority of a running process.
Then
make package/util-linux/compile V=s
and go install the ipk. You can then change the priority of the process by doing renice -20 <PID>.
I know which process caused that. Its even in an LXC environment that i have full cgroups control over. But its not the point to make the world slave. Its about making SSHd master.
That's what i said. SSHd was not responding either.
Yes, i probably will take this over as well. Thanks!
In the meantime i have compiled a static 'chrt' binary against glibc that talks directly to the kernel bypassing musl. Will test that.
It would be nice though if that 'limits.conf' solution would be working so all new root processes are spawned with -10 niceness automatically. It would make a better difference to all the LXC processes. I'm wondering if 'limits.conf' is honored by OpenWrt init system at all.
limits.conf - configuration file for the pam_limits module
Description
The pam_limits.so module applies ulimit limits, nice priority and number of simultaneous login sessions limit to user login sessions. This description of the configuration file syntax applies to the /etc/security/limits.conf file and *.conf files in the /etc/security/limits.d directory.