Background
kern.randompid introduces some randomization in which PID is chosen for the next process, instead of just bumping by 1.
Values:
kern.randompid=(value less than 2) is currently a no-op and sets kern.randompid to 0.
If set to a value of (2 <= kern.randompid < 100), it's set to 100.
If set to a value of (100 <= kern.randompid <= (PID_MAX - 100)), it will be used as the modulus when kern_fork.c tries to allocate a new PID. The formula is lastpid += arc4random() % kern.randompid;
If set to a value of (kern.randompid > PID_MAX-100), it's set to PID_MAX-100.
(Should this be documented somewhere else? I'll happily do so, just tell me where ;) )
This patch changes
When kern.randompid is set to 1, it will no longer be auto-corrected to 0 but to a random value between 100 and 999 (inclusive). This should help make this feature slightly more randomized, as the admin doesn't have to pick a (hopefully) random number on their own, which also tends to be a set-and-forget value.
SUGGESTED COMMIT MESSAGE
Setting the sysctl kern.randompid to 1 is no longer a no-op, but rather sets it to a random value between 100 and 1123 inclusive.
Submitted by: Marie Helene Kvello-Aune
relnotes: yes