geli(8) breaks after a couple hours of uptime

Fri Feb 8 13:28:24 UTC 2013

On 8 February 2013 07:46, Andriy Gapon <avg at> wrote:
> on 08/02/2013 13:48 Ulrich Spörlein said the following:
>> The problem here is that I login via my user account, then either use
>> sudo or sudo -i for a root shell, this however does not raise the
>> memorylocked limit. So when I said this works during boot and shortly
>> after, it's because I haven't started my screen session yet, through
>> which I do all the work, usually, but have logged in with a direct root
>> shell. D'oh!
>> It looks like 128k as a limit is still too low for geli(8) to work, and
>> I've set it to 256k now, so that I can use "sudo geli". Can you maybe
>> revise the patch to not use 1024k as an arbitrary limit, but rather make
>> sure you test for precisely as much memory as will be needed?
>> Also, can we maybe revisit the new 64k default limit, as it will
>> obviously make peoples work with geli a bit painful, this should work
>> out of the box.
> I have some, IMO, better suggestions:
> - use -c option with sudo
> - tune your system for your needs
> - [major] abolish the silliness of tying resource limits to login class and apply
> resource limits based on user and group IDs; including after su/sudo (subject to
> local policies)

The default settings should not make another feature unusable.  At a
minimum it should be documented in geli's man page that such tuning is

