On Sat, Mar 24, 2001 at 05:18:24PM -0800, Karsten M. Self wrote: > > Um. I feel stupid asking this, but what resource limits *do* work, and per user process limits work (though pam_limits and/or ssh is broken in that you must set it higher then the number of root owned processes for logins to work) core size limits work, cpu utilization works (any process taking more consecutive time then allowed is killed) and virtual memory works. im not sure if anything else works as i don't know of a useful test for each. rss i know for sure is totally ignored by the kernel. > how can user resource limits be imposed at the system level? I've been pam_limits and /etc/security/limits.conf (latter being the config for the former) > looking at the bash man pages -- there's no more specific resource > utilization interface, is there? bash's ulimit command just uses the same resource limit calls any other program will use. some shells just don't provide a command to set the limits, but they are subject to limits set by thier parent (pam_limits). limits are [supposed to be] enforced by the kernel. > My preference would be to be able to limit memory utilization. *Some* > form of CPU throttle could also be useful under some circumstances. ulimit -v is all you got then AFAICT. this is the `as' limit in /etc/security/limits.conf. note that when a process runs into this limit it will just die horribly (killed, segfault etc). as for cpu throttle, you can set the number of seconds a process can take at a given time, so say you set a limit of 60 seconds, your shell will be fine but a password cracker will be killed after 60 seconds (since its constantly sucking the cpu) /me wishes there was more documentation on resource limits, and that they actually worked under linux properly. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpVylw4P01JE.pgp
Description: PGP signature