Results 1 to 4 of 4
  1. #1
    Join Date
    Aug 2004
    Posts
    48

    Limit user resource usage (n of processes)

    Him

    I need to run a shell only allowing 1 or 2 processes per user.
    I read that that can be done with limits.conf.
    Here is mine wish is not working. What am i doing wrong?
    Thanks in advance

    # /etc/security/limits.conf
    #
    #Each line describes a limit for a user in the form:
    #
    #<domain> <type> <item> <value>
    #
    #Where:
    #<domain> can be:
    # - an user name
    # - a group name, with @group syntax
    # - the wildcard *, for default entry
    # - the wildcard %, can be also used with %group syntax,
    # for maxlogin limit
    #
    #<type> can have the two values:
    # - "soft" for enforcing the soft limits
    # - "hard" for enforcing hard limits
    #
    #<item> can be one of the following:
    # - core - limits the core file size (KB)
    # - data - max data size (KB)
    # - fsize - maximum filesize (KB)
    # - memlock - max locked-in-memory address space (KB)
    # - nofile - max number of open files
    # - rss - max resident set size (KB)
    # - stack - max stack size (KB)
    # - cpu - max CPU time (MIN)
    # - nproc - max number of processes
    # - as - address space limit
    # - maxlogins - max number of logins for this user
    # - maxsyslogins - max number of logins on the system
    # - priority - the priority to run user process with
    # - locks - max number of file locks the user can hold
    # - sigpending - max number of pending signals
    # - msgqueue - max memory used by POSIX message queues (bytes)
    # - nice - max nice priority allowed to raise to
    # - rtprio - max realtime priority
    #
    #<domain> <type> <item> <value>
    #

    #* soft core 0
    #* hard rss 10000
    [email protected] hard nproc 20
    [email protected] soft nproc 20
    [email protected] hard nproc 50
    #ftp hard nproc 0
    [email protected] - maxlogins 4
    user29999 soft nproc 1
    user29999 hard nproc 1
    # End of file


    Regards
    -----------------------------------
    Does your host Hosts or its hosted ?
    Host with alojamentonaweb.com
    -----------------------------------

  2. #2
    Join Date
    Dec 2004
    Location
    Washington, DC
    Posts
    787
    I havent done this in a while, but have you enabled this in SSHd and restarted that daemon?

  3. #3
    Join Date
    Dec 2005
    Posts
    82
    also and make sure you have in the file /etc/pam.d/login

    the string:
    session required /lib/security/pam_limits.so

    I think you need to set a least the limit to 2. Because shell will be the first
    process from this user, so he won't be able to run something else.

  4. #4
    Join Date
    Aug 2004
    Posts
    48
    Thanks Mark S, it was enabled by default on my system.
    But the below sugestion solved the problem.

    Quote Originally Posted by ngsupb
    also and make sure you have in the file /etc/pam.d/login

    the string:
    session required /lib/security/pam_limits.so

    I think you need to set a least the limit to 2. Because shell will be the first
    process from this user, so he won't be able to run something else.
    Using jailshell the limit sould be 4 (allowing only 1 process) lower than will return fork error

    Thanks to both of you
    -----------------------------------
    Does your host Hosts or its hosted ?
    Host with alojamentonaweb.com
    -----------------------------------

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •