Mailinglist Archive: opensuse (3767 mails)

< Previous Next >
Re: [SLE] maximum nproc value
  • From: Steve Graegert <graegerts@xxxxxxxxx>
  • Date: Mon, 6 Feb 2006 07:53:52 +0100
  • Message-id: <6a00c8d50602052253v540c898ak379f892ee3a4c7f5@xxxxxxxxxxxxxx>
On 2/3/06, James Wright <jwright01@xxxxxxx> wrote:
> Steve Graegert wrote:
> > 1. /etc/security/limits.conf tells the kernel what and how much
> > resources a user/group can use on a particular system. It can be seen
> > as a quota
>
> I have a couple of questions on this. The /etc/security/limits.conf file and the ulimit seem to only limit the amount of processes per user. Can you also limit the amount of processes that this system itself is allowed to concurrently run?

No, I don't think so. /etc/security/limits.conf allows per user
setting, only. It is possible to limit the number of processes for
all users. Simply add

* U 128

to limits.conf. It won't allow any user to create more than 256 processes.

> (OT, or is there a way to create a white list of allowed processes?).

No.

> Also, are changes to the limits.conf file immediate, or does a service need to be restarted for any changes to take effect?

Yes, a reboot is required.

> You could create a script that oversees requests for processes, check the request against a white list, then update the limits.conf file to allow an additional process. Is this a good idea, or is my logic flawed?

It won't work since limits.conf is only read once. See previous answer.

\Steve

--

Steve Graegert <graegerts@xxxxxxxxx>
Software Consultant {C/C++ && Java && .NET}
Office: +49 9131 7123988
Mobile: +49 1520 9289212

< Previous Next >