Re: /etc/limits
On Tue, 11 Jan 2000, Marek Habersack wrote:
> And the pam_limits 'as' + 'rss' + 'data' + 'memlock' + 'stack' parameters?
> They all give you fine-grained control over the user's memory.
OK, you're right. I had tried some of the PAM limits previously (one at a
time) and none of them alone was sufficient to restrict an account's
memory usage from devouring the machine using a particular exploit I'd
gotten hold of. At the same time, restricting the user's "virtual memory"
(ulimit -v) was able to stop the exploit, while none of the other ulimit
options did. Therefore I thought I was unable to limit the max vmem using
PAM. Thank you for pointing out to me that I can. :)
One last thing... the original question also was, "how do slackware and
RedHat set the max vmem usage without using ulimit, /etc/limits, or PAM?"
Would you happen to know this off-hand? I thought maybe it was compiled
into the login binary but I downloaded the source and their patches and
didn't see any reference to it. Friends of mine have a slack 7 and an RH6
box, RH has PAM enabled but no limits configured, while the slackware
machine has no /etc/limits, /etc/pam.d, or /etc/security. Yet when I log
in, my virtual memory limit is set to 2105343 KB. Is that something
imposed by the kernel due to its maximum address space? My kernel
(2.2.14) is compiled the same way AFAICT yet my vmem limit is "unlimited"
unless I set it using one of the aforementioned methods.
Thanks again.
Reply to: