Diffstat (limited to 'doc/modules/pam_limits.sgml')
1 files changed, 16 insertions, 7 deletions
diff --git a/doc/modules/pam_limits.sgml b/doc/modules/pam_limits.sgml
index 00ff532e..52b8771f 100644
@@ -109,7 +109,7 @@ The fields listed above should be filled as follows...<newline>
-<tt><type></tt> can have the two values:
+<tt><type></tt> can have the three values:
<item> <tt/hard/ for enforcing <em/hard/ resource limits. These limits
@@ -122,6 +122,9 @@ by any pre-exisiting <em/hard/ limits. The values specified with this
token can be thought of as <em/default/ values, for normal system
+<item> <tt/-/ for enforcing both <em/soft/ and <em/hard/ limits
@@ -142,12 +145,18 @@ usage.
-To completely disable limits for a user (or a group), a single dash
-(-) will do (Example: ``<tt/bin -/'', ``<tt/@admin -/''). Please
-remember that individual limits have priority over group limits, so if
-you impose no limits for <tt/admin/ group, but one of the members in this
-group have a limits line, the user will have its limits set according
-to this line.
+Note, if you specify a type of ``-'' but neglect to supply the
+<tt/item/ and <tt/value/ fields then the module will never enforce any
+limits on the corresponding user/group-members etc. . Note, the first
+entry of the form which applies to the authenticating user will
+override all other entries in the limits configuration file. In such
+cases, the <tt/pam_limits/ module will always return <tt/PAM_SUCCESS/.
+In general, individual limits have priority over group limits, so if
+you impose no limits for <tt/admin/ group, but one of the members in
+this group have a limits line, the user will have its limits set
+according to this line.
Also, please note that all limit settings are set <em/per login/.