How to limit server resource allocation to system users
The file /etc/security/limits.conf, contains the various limits for users or groups that can be set. In this case, we set the max locked-in-memory address space, memlock (KB). For example, if user bob needed to have a hard limit of 512 MB of RAM, then add in the following line:
‘domain’ ‘type’ ‘item’ ‘value’
buddy hard memlock 524288
buddy hard memlock 524288
Where domain can be
1. an user name
2. a group name, with @group syntax
3. the wildcard *, for default entry
4. the wildcard %, can be also used with %group syntax, for maxlogin limit
2. a group name, with @group syntax
3. the wildcard *, for default entry
4. the wildcard %, can be also used with %group syntax, for maxlogin limit
The “type” can have following two values
1. “soft” for enforcing the soft limits
2. “hard” for enforcing hard limits
2. “hard” for enforcing hard limits
The “item” can be one of the following values
1. core - limits the core file size (KB)
2. data - max data size (KB)
3. fsize - maximum filesize (KB)
4. memlock - max locked-in-memory address space (KB)
5. nofile - max number of open files
6. rss - max resident set size (KB)
7. stack - max stack size (KB)
8. cpu - max CPU time (MIN)
9. nproc - max number of processes
10. as - address space limit
11. maxlogins - max number of logins for this user
12. priority - the priority to run user process with
13. locks - max number of file locks the user can hold
2. data - max data size (KB)
3. fsize - maximum filesize (KB)
4. memlock - max locked-in-memory address space (KB)
5. nofile - max number of open files
6. rss - max resident set size (KB)
7. stack - max stack size (KB)
8. cpu - max CPU time (MIN)
9. nproc - max number of processes
10. as - address space limit
11. maxlogins - max number of logins for this user
12. priority - the priority to run user process with
13. locks - max number of file locks the user can hold
Leave a Reply
You must be logged in to post a comment.
