Re: maximum number of processes on kernel 2.4.x
I usually ad this to the bottom of /etc/security/limits.conf
* soft nofile 4096
* hard nofile 8192
and I set the ulimits in /etc/profile. This seems to do the trick for me.
Now, if only I could increase the number of threads I can run with IBM Java.
As soon as you dick about with libc to increase the system threads, it
coredumps.
--
Ian Cass
----- Original Message -----
From: "Wayne Tucker" <wtucker@donobi.com>
To: "Russell Coker" <russell@coker.com.au>
Cc: <debian-isp@lists.debian.org>
Sent: Tuesday, March 12, 2002 8:03 PM
Subject: Re: maximum number of processes on kernel 2.4.x
> On Tue, Mar 12, 2002 at 12:15:26PM +0100, Russell Coker wrote:
> > BTW, why exactly do you need to have so many root owned processes?
> >
> > Every root owned process is a potential security hole. Is it possible
to
> > make some of these things use non-root?
>
> The server is running CommuniGate Pro, which must be run as root. I'm
> not particularly comfortable with the idea myself, but since the
> server is only doing email, then if somebody compromises the mail
> software, they have control over everything important that happens on
> the server anyhow.
>
> It looks like the real problem was actually the pam_limits module that
> is being loaded from the various pam.d configuration files. It was
> doing a setrlimit(RLIMIT_NPROC, 256), which resulted in it not being
> able to perform the various setuid/setgid calls and whatnot and then
> spawn the login shell.
>
> Thanks again for your help,
>
> Wayne
>
>
> --
> Wayne A. Tucker - wtucker@donobi.com
> Network Engineer, Donobi Inc.
>
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>
>
Reply to: