[MLton] NetBSD limits
Matthew Fluet
fluet@cs.cornell.edu
Mon, 29 May 2006 19:33:12 -0400 (EDT)
> Use vipw(8) to set your login class in /etc/passwd and its shadow db
> (/etc/master.passwd). Man page is passwd(5).
>
> Create /etc/login.conf to contain a capability on the resource limits
> which suits you. Refer to the class from before. Relevant man-page is
> login.conf(5).
>
> Run cap_mkdb on the login.conf file to get its (hash-table) capability
> database built. man page: cap_mkdb(1).
>
> Login with the user. Verify everything is right with ulimit and that the
> capability database gets read correctly.
Thanks. One thing I learned the hard way -- make sure you also add a
'default' class to login.conf. Otherwise, something in the login fails,
and PAM rejects the login -- including 'root' login. I had to reset
the machine, boot from CD, fsck and mount the root partition and delete
/etc/login.conf to regain control of the system. (God bless VMWare.)
One oddity remains. My login.conf looks like:
default|Default user:\
:datasize-max=3072M:\
:datasize-cur=2048M:\
:memorylocked-max=3072M:\
:memorylocked-cur=2048M:\
:memoryuse-max=3072M:\
:memoryuse-cur=2048M:\
:stacksize-max=4M:\
:stacksize-cur=3M:
but ulimit -a gives:
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) 1048576
file size (blocks, -f) unlimited
max locked memory (kbytes, -l) 2097152
max memory size (kbytes, -m) 2097152
open files (-n) 64
pipe size (512 bytes, -p) 1
stack size (kbytes, -s) 3072
cpu time (seconds, -t) unlimited
max user processes (-u) 160
virtual memory (kbytes, -v) 1051648
So, I can't get data seg size over approx 1G. My guess is that it is
being capped by the virtual memory limit, but I don't know what controls
that. It doesn't seem to correspond to anything listed on login.conf(5).