[apparmor] status of nproc in apparmor 2.7.102
John Johansen
john.johansen at canonical.com
Fri May 11 00:24:23 UTC 2012
On 05/10/2012 02:55 PM, Jeroen Ooms wrote:
>> Hrmmm it is a feature that is desired, but has taken a lower priority
>> than certainly other features the last couple of cycles. While I would
>> like to see it in 12.10, that will depend on other work priorities some
>> of which will be determined next week at UDS.
>
> Hi John,
>
> hope you are having a good time up in the Bay. Let me know if there is
> any news about the future of apparmor and cgroups.
>
I plan to dig it out this weekend when I get back, and then we can kick
off a discussion about the issues etc
> So just to be clear: the current implementation of AppArmor (that
> ships with ubuntu 12.04) the NPROC will limit the number of concurrent
> processes per UID, is that correct? Hence if I make create a dedicated
> user for my service and set an nproc in the service profile, it will
> enforce a global limit on the number of procs that this service can
> have at any given time?
>
Yes
More information about the AppArmor
mailing list