summaryrefslogtreecommitdiff
path: root/modules/pam_limits/limits.conf.5
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_limits/limits.conf.5')
-rw-r--r--modules/pam_limits/limits.conf.5219
1 files changed, 219 insertions, 0 deletions
diff --git a/modules/pam_limits/limits.conf.5 b/modules/pam_limits/limits.conf.5
new file mode 100644
index 00000000..0aba7137
--- /dev/null
+++ b/modules/pam_limits/limits.conf.5
@@ -0,0 +1,219 @@
+.\" Title: limits.conf
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.73.1 <http://docbook.sf.net/>
+.\" Date: 04/16/2008
+.\" Manual: Linux-PAM Manual
+.\" Source: Linux-PAM Manual
+.\"
+.TH "LIMITS\.CONF" "5" "04/16/2008" "Linux-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+limits.conf - configuration file for the pam_limits module
+.SH "DESCRIPTION"
+.PP
+The syntax of the lines is as follows:
+.PP
+
+\fI<domain>\fR
+\fI<type>\fR
+\fI<item>\fR
+\fI<value>\fR
+.PP
+The fields listed above should be filled as follows:
+.PP
+\fB<domain>\fR
+.RS 4
+.sp
+.RS 4
+\h'-04'\(bu\h'+03'a username
+.RE
+.sp
+.RS 4
+\h'-04'\(bu\h'+03'a groupname, with
+\fB@group\fR
+syntax\. This should not be confused with netgroups\.
+.RE
+.sp
+.RS 4
+\h'-04'\(bu\h'+03'the wildcard
+\fB*\fR, for default entry\.
+.RE
+.sp
+.RS 4
+\h'-04'\(bu\h'+03'the wildcard
+\fB%\fR, for maxlogins limit only, can also be used with
+\fI%group\fR
+syntax\.
+.RE
+.RE
+.PP
+\fB<type>\fR
+.RS 4
+.PP
+\fBhard\fR
+.RS 4
+for enforcing
+\fBhard\fR
+resource limits\. These limits are set by the superuser and enforced by the Kernel\. The user cannot raise his requirement of system resources above such values\.
+.RE
+.PP
+\fBsoft\fR
+.RS 4
+for enforcing
+\fBsoft\fR
+resource limits\. These limits are ones that the user can move up or down within the permitted range by any pre\-existing
+\fBhard\fR
+limits\. The values specified with this token can be thought of as
+\fIdefault\fR
+values, for normal system usage\.
+.RE
+.PP
+\fB\-\fR
+.RS 4
+for enforcing both
+\fBsoft\fR
+and
+\fBhard\fR
+resource limits together\.
+.sp
+Note, if you specify a type of \'\-\' but neglect to supply the item and value fields then the module will never enforce any limits on the specified user/group etc\. \.
+.RE
+.RE
+.PP
+\fB<item>\fR
+.RS 4
+.PP
+\fBcore\fR
+.RS 4
+limits the core file size (KB)
+.RE
+.PP
+\fBdata\fR
+.RS 4
+maximum data size (KB)
+.RE
+.PP
+\fBfsize\fR
+.RS 4
+maximum filesize (KB)
+.RE
+.PP
+\fBmemlock\fR
+.RS 4
+maximum locked\-in\-memory address space (KB)
+.RE
+.PP
+\fBnofile\fR
+.RS 4
+maximum number of open files
+.RE
+.PP
+\fBrss\fR
+.RS 4
+maximum resident set size (KB)
+.RE
+.PP
+\fBstack\fR
+.RS 4
+maximum stack size (KB)
+.RE
+.PP
+\fBcpu\fR
+.RS 4
+maximum CPU time (minutes)
+.RE
+.PP
+\fBnproc\fR
+.RS 4
+maximum number of processes
+.RE
+.PP
+\fBas\fR
+.RS 4
+address space limit (KB)
+.RE
+.PP
+\fBmaxlogins\fR
+.RS 4
+maximum number of logins for this user except for this with
+\fIuid=0\fR
+.RE
+.PP
+\fBmaxsyslogins\fR
+.RS 4
+maximum number of logins on system
+.RE
+.PP
+\fBpriority\fR
+.RS 4
+the priority to run user process with (negative values boost process priority)
+.RE
+.PP
+\fBlocks\fR
+.RS 4
+maximum locked files (Linux 2\.4 and higher)
+.RE
+.PP
+\fBsigpending\fR
+.RS 4
+maximum number of pending signals (Linux 2\.6 and higher)
+.RE
+.PP
+\fBmsqqueue\fR
+.RS 4
+maximum memory used by POSIX message queues (bytes) (Linux 2\.6 and higher)
+.RE
+.PP
+\fBnice\fR
+.RS 4
+maximum nice priority allowed to raise to (Linux 2\.6\.12 and higher) values: [\-20,19]
+.RE
+.PP
+\fBrtprio\fR
+.RS 4
+maximum realtime priority allowed for non\-privileged processes (Linux 2\.6\.12 and higher)
+.RE
+.RE
+.PP
+In general, individual limits have priority over group limits, so if you impose no limits for
+\fIadmin\fR
+group, but one of the members in this group have a limits line, the user will have its limits set according to this line\.
+.PP
+Also, please note that all limit settings are set
+\fIper login\fR\. They are not global, nor are they permanent; existing only for the duration of the session\.
+.PP
+In the
+\fIlimits\fR
+configuration file, the \'\fB#\fR\' character introduces a comment \- after which the rest of the line is ignored\.
+.PP
+The pam_limits module does its best to report configuration problems found in its configuration file via
+\fBsyslog\fR(3)\.
+.SH "EXAMPLES"
+.PP
+These are some example lines which might be specified in
+\fI/etc/security/limits\.conf\fR\.
+.sp
+.RS 4
+.nf
+* soft core 0
+* hard rss 10000
+@student hard nproc 20
+@faculty soft nproc 20
+@faculty hard nproc 50
+ftp hard nproc 0
+@student \- maxlogins 4
+
+.fi
+.RE
+.SH "SEE ALSO"
+.PP
+
+\fBpam_limits\fR(8),
+\fBpam.d\fR(5),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_limits was initially written by Cristian Gafton <gafton@redhat\.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-19 05:55:06 +0000