diff options
| author | Andrew G. Morgan <morgan@kernel.org> | 2001-03-29 04:21:16 +0000 |
|---|---|---|
| committer | Andrew G. Morgan <morgan@kernel.org> | 2001-03-29 04:21:16 +0000 |
| commit | 688f3612e1c9b3a1524bd826a2a7d2546156808f (patch) | |
| tree | 6bbdff4c016c7266371591501c41db4a51cc36de /modules/pam_limits/README | |
| parent | a7181f94c8d5e7f42938b7fa6133589608760f2c (diff) | |
Relevant BUGIDs: 404953
Purpose of commit: bugfix
Commit summary:
---------------
The syntax "<domain> -" was not recognized.
Diffstat (limited to 'modules/pam_limits/README')
| -rw-r--r-- | modules/pam_limits/README | 29 |
1 files changed, 17 insertions, 12 deletions
diff --git a/modules/pam_limits/README b/modules/pam_limits/README index 918e6c91..2398334b 100644 --- a/modules/pam_limits/README +++ b/modules/pam_limits/README @@ -4,9 +4,10 @@ pam_limits module: THEORY OF OPERATION: -First, make a root-only-readable file (/etc/limits by default or LIMITS_FILE -defined Makefile) that describes the resource limits you wish to impose. No -limits are imposed on UID 0 accounts. +First, make a root-only-readable file (/etc/security/limits.conf by +default or INSTALLED_CONFILE defined Makefile) that describes the +resource limits you wish to impose. No limits are imposed on UID 0 +accounts. Each line describes a limit for a user in the form: @@ -18,9 +19,10 @@ Where: - a group name, with @group syntax - the wildcard *, for default entry -<type> can have the two values: - - "soft" for enforcinf the soft limits +<type> can have the three values: + - "soft" for enforcing the soft limits - "hard" for enforcing hard limits + - "-" for enforcing both soft and hard limits <item> can be one of the following: - core - limits the core file size (KB) @@ -35,15 +37,18 @@ Where: - as - address space limit - maxlogins - max number of logins for this user - maxsyslogins - max number of logins on the system - -To completely disable limits for a user (or a group), a single dash (-) -will do (Example: 'bin -', '@admin -'). Please remember that individual -limits have priority over group limits, so if you impose no limits for admin -group, but one of the members in this group have a limits line, the user -will have its limits set according to this line. + +Note, if you specify a type of '-' but neglect to supply the item and +value fields then the module will never enforce any limits on the +specified user/group etc. . + +Please remember that individual limits have priority over group +limits, so if you impose no limits for admin group, but one of the +members in this group has a limits line, the user will have its limits +set according to this line. Also, please note that all limit settings are set PER LOGIN. They are -not global, nor are they permanent (the session only) +not global, nor are they permanent (they apply for the session only). In the LIMITS_FILE, the # character introduces a comment - the rest of the line is ignored. |