Home page logo
/

basics logo Security Basics mailing list archives

Re: User process limitations..
From: Nick Shapley <nick.shapley () ntlworld com>
Date: Fri, 21 Feb 2003 21:23:34 +0000

Check out the limits.conf file, its under /etc/security on my RH box.
The nproc parameter is the one you want.
Cheers,

Nick

Brad Arlt wrote:
On Thu, Feb 20, 2003 at 09:33:36AM -0000, Kenneth Hauklien wrote:

Hi

Is there any way to limit a users / groups processes? I run a shell/web server and want to limit them down to for example 2-3 processes. Is this possible in any way?

Thank you all in advance


Depends on the OS.

Solaris can limit the number of processes each user has, but this
applies to all users (including root, I think).  We cap things at 2000
to contain the" while(1) fork()" mishaps that happen when students
discover fork.

Limiting by groups is probably not supported.  It might be in Trusted
Solaris.

In /etc/system:
set maxuprc=<limit>

Linux has some limiting mechanism but I am hazy as to how.  pam_limits
leaps to mind, but just as quickly I am almost certain that isn't
right.

A better idea is Server virtualization (solaris9, VMS, vmWare).  Setup
containers that have memory and CPU use limits.  These are more what
you are trying to limit anyway.  People can go nuts within those
limits.  If they want 30 processes running that use no CPU, fine.  If
one process uses all their CPU allotment, to bad so sad.
-----------------------------------------------------------------------
   __o          Bradley Arlt                    Security Team Lead
 _ \<_               arlt () cpsc ucalgary ca                University Of Calgary
(_)/(_)         I should be biking right now.   Computer Science




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]