From d60c9f8c46ed5ea97279cd03ba7aafc65efc9c12 Mon Sep 17 00:00:00 2001
From: Jan Rekorajski <baggins@sith.mimuw.edu.pl>
Date: Thu, 9 May 2002 12:00:35 +0000
Subject: Relevant BUGIDs: 533664

Purpose of commit: new feature

Commit summary:
---------------
document '%' domain for maxlogins limit and clarify how '*' and @group
domains work for login limiting
---
 doc/modules/pam_limits.sgml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/doc/modules/pam_limits.sgml b/doc/modules/pam_limits.sgml
index eaa16bd9..44f057c4 100644
--- a/doc/modules/pam_limits.sgml
+++ b/doc/modules/pam_limits.sgml
@@ -114,6 +114,8 @@ The fields listed above should be filled as follows...<newline>
 <item> a username
 <item> a groupname, with <tt>@group</tt> syntax
 <item> the wild-card <tt/*/, for default entry
+<item> the wild-card <tt/%/, for maxlogins limit only,
+can also be used with <tt>%group</tt> syntax
 </itemize>
 
 <p>
@@ -203,6 +205,28 @@ Note, the use of <tt/soft/ and <tt/hard/ limits for the same resource
 <em/extreme/ level of resources that the user can obtain in a given
 service-session.
 
+<p>
+Note, that wild-cards <tt/*/ and <tt/%/ have the following meaning when
+used for maxlogins limit
+<itemize>
+<item> <tt/*/ every user
+<item> <tt/%/ all users, or entire group when <tt>%group</tt> is specified 
+</itemize>
+See the following examples:
+<tscreen>
+<verb>
+# EXAMPLE /etc/security/limits.conf file:
+# <domain>	<type>	<item>		<value>
+*               -       maxlogins       2
+@faculty        -       maxlogins       4
+%               -       maxlogins       30
+%student        -       maxlogins       10
+</verb>
+</tscreen>
+Explanation: every user can login 2 times, members of the <tt/faculty/
+group can login 4 times, there can be only 30 logins, only 10 from
+<tt/students/ group.
+
 <p>
 For the services that need resources limits (login for example) put
 the following line in <tt>/etc/pam.conf</tt> as the last line for that
-- 
cgit v1.2.3