On Sun, Feb 1, 2009 at 3:59 AM, Marco Schuster marco@harddisk.is-a-geek.org wrote:
I guess this would effectively disable all those memory-eating interwiki bots ;)
There's only 8G of RAM on nightshade. Make it a 2G limit, maybe, or 4G, but one non-root user using anything more than that seems unreasonable.
On Sun, Feb 1, 2009 at 6:42 AM, Bryan Tong Minh bryan.tongminh@gmail.com wrote:
And limit the number of processes a user can run. while (1) { fork(); } is gonna run you out of pids rather than memory.
ulimit -u is already set to 500 for me, so that shouldn't be possible.
0 15:30:12 ~$ ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) 2048000 scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 71680 max locked memory (kbytes, -l) 32 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 500 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited