[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFC] locking down rsyslog.service

CAP_SYS_ADMIN: exceed /proc/sys/fs/file-max

Quick note: you can change that particular limit via the systemd .service file (LimitNOFILE= – see "man systemd.exec").

rsyslog thus doesn't need that cap.

Also, on my mostly-vanilla system,

$ ulimit -n -H

I hesitate to speculate why rsyslog would need more than a million file descriptors …

-- mit freundlichen Grüßen
-- Matthias Urlichs

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to: