summaryrefslogtreecommitdiff
path: root/doc/modules/pam_limits.sgml
diff options
context:
space:
mode:
Diffstat (limited to 'doc/modules/pam_limits.sgml')
-rw-r--r--doc/modules/pam_limits.sgml24
1 files changed, 24 insertions, 0 deletions
diff --git a/doc/modules/pam_limits.sgml b/doc/modules/pam_limits.sgml
index eaa16bd9..44f057c4 100644
--- a/doc/modules/pam_limits.sgml
+++ b/doc/modules/pam_limits.sgml
@@ -114,6 +114,8 @@ The fields listed above should be filled as follows...<newline>
<item> a username
<item> a groupname, with <tt>@group</tt> syntax
<item> the wild-card <tt/*/, for default entry
+<item> the wild-card <tt/%/, for maxlogins limit only,
+can also be used with <tt>%group</tt> syntax
</itemize>
<p>
@@ -204,6 +206,28 @@ Note, the use of <tt/soft/ and <tt/hard/ limits for the same resource
service-session.
<p>
+Note, that wild-cards <tt/*/ and <tt/%/ have the following meaning when
+used for maxlogins limit
+<itemize>
+<item> <tt/*/ every user
+<item> <tt/%/ all users, or entire group when <tt>%group</tt> is specified
+</itemize>
+See the following examples:
+<tscreen>
+<verb>
+# EXAMPLE /etc/security/limits.conf file:
+# <domain> <type> <item> <value>
+* - maxlogins 2
+@faculty - maxlogins 4
+% - maxlogins 30
+%student - maxlogins 10
+</verb>
+</tscreen>
+Explanation: every user can login 2 times, members of the <tt/faculty/
+group can login 4 times, there can be only 30 logins, only 10 from
+<tt/students/ group.
+
+<p>
For the services that need resources limits (login for example) put
the following line in <tt>/etc/pam.conf</tt> as the last line for that
service (usually after the pam_unix session line: