Explaining the Linux Fork Bomb :(){ :|:&};:

About the bomb

You may have seen this before: :(){ :|:&};: It usually shows up as a joke about new emoji support in Linux terminals.
If you run it, you will probably see something like this:

[Screenshot: forkbomb.png]

Then your system becomes completely unusable.

What is it?

Well, let's explain what is going on by breaking it up into multiple lines.

:(){
  : | : &
}
:

So, it defines a function :() whose body, opened with {, calls itself : and pipes | its output to another call of itself : with the whole pipeline running in the background & before the body is closed with } and then, after the ; that ends the definition, the final : calls the function, starting the whole loop.

It is much easier to understand if you rename the function to something other than : so, for instance, this is the exact same thing:

fork(){
  fork | fork &
}
fork

Using this updated code, the one-line version would be: fork(){ fork | fork &}; fork

What is happening then?

Well, once started, the function calls itself and pipes itself into itself in the background, creating child processes of itself. Each child does the exact same thing, making children that make children ad infinitum. The computer or server quickly runs out of resources, and it happens very fast.

Why does it matter?

Because it can be run with absolutely no permissions other than login, and it will take the machine down in seconds.

What can I do if I run a server?

Good news if you run a server with systemd: it should prevent this by limiting users to 33% of max CPU time. But it wouldn't hurt to look at the soft and hard limits anyway.

What if I don't?

The best protection is to limit the number of background processes a user can spawn, which by default is usually 10k. This can be checked with the command ulimit -u. If you would like to lower it, you can manually limit it by setting soft and hard limits with ulimit -S -u 5000. If you want a permanent solution, you need to edit the file /etc/security/limits.conf, which has examples of the settings you can use; an entry should look something like this:

@users           hard    nproc           5000

This sets the hard limit on the number of processes for the group users to 5000.
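
To check that the nproc rules you end up with actually contain a fork bomb, here is an added example (not part of the original post) that audits limits.conf-style text. The function name audit_nproc, the status labels and the sample entries are assumptions made for illustration; the sample is constructed.

```bash
#!/bin/sh
# Added example: audit nproc rules in limits.conf-format text.
# Usage: audit_nproc MAX < limits-file
# Prints "<status> <domain> <type> <value>" for every nproc rule and
# returns 0 only if at least one hard rule is a number <= MAX.
audit_nproc() {
    awk -v max="$1" '
        { sub(/#.*/, "") }                  # strip comments
        NF < 4 || $3 != "nproc" { next }    # keep only nproc rules
        {
            # type "-" sets both the soft and the hard limit
            hard    = ($2 == "hard" || $2 == "-")
            numeric = ($4 ~ /^[0-9]+$/)
            if (!hard)               status = "SOFT-ONLY"  # user can raise it
            else if (!numeric)       status = "UNLIMITED"  # unlimited, infinity, -1
            else if ($4 + 0 > max)   status = "TOO-HIGH"
            else                   { status = "OK"; good++ }
            printf "%s %s %s %s\n", status, $1, $2, $4
        }
        END { exit (good > 0 ? 0 : 1) }
    '
}

# Constructed sample input, not taken from a real system.
SAMPLE='# constructed sample
@users   hard  nproc   5000
@dev     soft  nproc   2000    # soft limit only
svc      -     nproc   unlimited
*        hard  nofile  4096'

# Audit the sample against the 5000-process ceiling used above.
printf '%s\n' "$SAMPLE" | audit_nproc 5000
```

A soft-only rule is flagged because a user can raise a soft limit up to the hard limit, so it does not stop a deliberate fork bomb. On a real host, feed it /etc/security/limits.conf together with any files under /etc/security/limits.d/.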


What happens if you run it in a VM on a distro without systemd, will it crash or is the VM handling it?

Well, funny you ask, because I ran it in a VM to try to get a screenshot. I'm currently using Debian Sid, so I do have systemd, and I do have my ulimits set, but because I'm pretty sure the VM has escalated privilege, my machine froze hard. Had to manual power off and back on.

my machine froze hard. Had to manual power off and back on.

That really is funny, wasn't expecting it :)))

a Linux user since 1996

Which distros and DE/WMs did you use for the longest periods of time? I'm fairly new to it, started with Mint for 4-5 months then settled with ArchLabs and OpenBox for almost 3 years now.

I used to distrohop a lot. Started with Redhat way back in the day and switched to Slackware at version 3. It was honestly probably the one I used the longest. I then used Arch forever it felt like. But recently, for work reasons, it's easier to use one of the major distros. I didn't like how bloated Ubuntu was, and some of their design choices (unity?) so I ended up using Debian. I don't like how slow they are on releases though, so unstable is about as low a version as I'll go, but generally can keep Sid alive and working.

As far as DE/WM. I prefer tiling window managers. Currently using DK with polybar and rofi, I tend to not touch the mouse too much and spend a good portion of my day in the terminal. Obligatory screenshot attached. (the left half is a second monitor, tv actually, right half is the laptop screen.)

[Screenshot: 2023-08-25_08-35.png]

Well one thing I wasn't expecting, really, you using DK, I was one of the "early testers", DK is made by Nate Maia who is also the creator of ArchLabs, the distro I've been using for the past almost 3 years, we exchanged messages on the forums multiple times, a cool and helpful guy always, too bad the distro gets discontinued, but he said that DK will live on, he'll keep working on it. I was never a tiling user, I just can't get used to it and always used Alt+Tab, I feel at home with OpenBox and Rofi :) As for Ubuntu, never had it installed as a desktop option but I am using it for my server-side needs. As for a screenshot, I don't have much to show for :)) (you said you don't touch the mouse too much, did you try QuteBrowser?)

The browser on the right monitor is qutebrowser. :) As far as servers, yeah, I use Ubuntu almost exclusively just because it's the easiest to maintain and has probably the best support and documentation.

You know, it's a small world after all re: dk and Nate Maia.

Ecency does no justice to images, all of them get chopped down to a minimum size and a really low bad quality, my first excuse. But then I did open your screenshot in full size and detail and I have to say if you don't check the status bar, just looking at the top of the image it's hard to recognize that you are using QB.

What are you working on in the python screen and how did you find out about DK?