On Sun, Feb 1, 2009 at 3:59 AM, Marco Schuster
<marco(a)harddisk.is-a-geek.org> wrote:
I guess this would effectively disable all those
memory-eating interwiki bots ;)
There's only 8G of RAM on nightshade. Make it a 2G limit, maybe, or
4G, but one non-root user using anything more than that seems
unreasonable.
On Sun, Feb 1, 2009 at 6:42 AM, Bryan Tong Minh
<bryan.tongminh(a)gmail.com> wrote:
And limit the number of processes a user can run.
while (1) { fork();
} is gonna run you out of pids rather than memory.
ulimit -u is already set to 500 for me, so that shouldn't be possible.
0 15:30:12 ~$ ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) 2048000
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 71680
max locked memory (kbytes, -l) 32
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 500
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited