path: root/modules/pam_limits/README
diff options
Diffstat (limited to 'modules/pam_limits/README')
1 files changed, 69 insertions, 0 deletions
diff --git a/modules/pam_limits/README b/modules/pam_limits/README
new file mode 100644
index 00000000..6aabd54f
--- /dev/null
+++ b/modules/pam_limits/README
@@ -0,0 +1,69 @@
+pam_limits — PAM module to limit resources
+The pam_limits PAM module sets limits on the system resources that can be
+obtained in a user-session. Users of uid=0 are affected by this limits, too.
+By default limits are taken from the /etc/security/limits.conf config file.
+Then individual *.conf files from the /etc/security/limits.d/ directory are
+read. The files are parsed one after another in the order of "C" locale. The
+effect of the individual files is the same as if all the files were
+concatenated together in the order of parsing. If a config file is explicitly
+specified with a module option then the files in the above directory are not
+The module must not be called by a multithreaded application.
+If Linux PAM is compiled with audit support the module will report when it
+denies access based on limit of maximum number of concurrent login sessions.
+ Indicate an alternative limits.conf style configuration file to override
+ the default.
+ Print debug information.
+ Set the limits for which no value is specified in the configuration file to
+ the one from the process with the PID 1. Please note that if the init
+ process is systemd these limits will not be the kernel default limits and
+ this option should not be used.
+ Some broken applications actually allocate a utmp entry for the user before
+ the user is admitted to the system. If some of the services you are
+ configuring PAM for do this, you can selectively use this module argument
+ to compensate for this behavior and at the same time maintain system-wide
+ consistency with a single limits.conf file.
+ Do not report exceeded maximum logins count to the audit subsystem.
+These are some example lines which might be specified in /etc/security/
+* soft core 0
+* hard nofile 512
+@student hard nproc 20
+@faculty soft nproc 20
+@faculty hard nproc 50
+ftp hard nproc 0
+@student - maxlogins 4
+:123 hard cpu 5000
+@500: soft cpu 10000
+600:700 hard locks 10