ulimit strangeness

Spudgun dlist at ubuntuforums.org
Thu Aug 18 12:58:48 CDT 2005


To stop 'forkbomb' attacks, my limits.conf looks like this:




Code:
--------------------
    # /etc/security/limits.conf

  #

  #Each line describes a limit for a user in the form:

  #

  #<domain>        <type>  <item>  <value>

  #

  #Where:

  #<domain> can be:

  #        - an user name

  #        - a group name, with @group syntax

  #        - the wildcard *, for default entry

  #        - the wildcard %, can be also used with %group syntax,

  #                 for maxlogin limit

  #

  #<type> can have the two values:

  #        - "soft" for enforcing the soft limits

  #        - "hard" for enforcing hard limits

  #

  #<item> can be one of the following:

  #        - core - limits the core file size (KB)

  #        - data - max data size (KB)

  #        - fsize - maximum filesize (KB)

  #        - memlock - max locked-in-memory address space (KB)

  #        - nofile - max number of open files

  #        - rss - max resident set size (KB)

  #        - stack - max stack size (KB)

  #        - cpu - max CPU time (MIN)

  #        - nproc - max number of processes

  #        - as - address space limit

  #        - maxlogins - max number of logins for this user

  #        - priority - the priority to run user process with

  #        - locks - max number of file locks the user can hold

  #

  #<domain>      <type>  <item>         <value>

  #

  

  #*               soft    core            0

  #*               hard    rss             10000

  #@student        hard    nproc           20

  #@faculty        soft    nproc           20

  #@faculty        hard    nproc           50

  #ftp             hard    nproc           0

  #@student        -       maxlogins       4

  

  # End of file

  # prevent core dumps

  *	hard	core	0

  

  #limit user processes per user to 150

  *	soft	nproc	100

  *	hard	nproc	150
--------------------


-- 
Spudgun



More information about the ubuntu-devel mailing list