[MLton] NetBSD limits

Matthew Fluet fluet@cs.cornell.edu
Mon, 29 May 2006 19:33:12 -0400 (EDT)


> Use vipw(8) to set your login class in /etc/passwd and its shadow db
> (/etc/master.passwd). Man page is passwd(5).
>
> Create /etc/login.conf to contain a capability on the resource limits
> which suits you. Refer to the class from before. Relevant man-page is
> login.conf(5).
>
> Run cap_mkdb on the login.conf file to get its (hash-table) capability
> database built. man page: cap_mkdb(1).
>
> Login with the user. Verify everything is right with ulimit and that the
> capability database gets read correctly.

Thanks.  One thing I learned the hard way -- make sure you also add a 
'default' class to login.conf.  Otherwise, something in the login fails, 
and PAM rejects the login -- including 'root' login.  I had to reset 
the machine, boot from CD, fsck and mount the root partition and delete 
/etc/login.conf to regain control of the system.  (God bless VMWare.)

One oddity remains.  My login.conf looks like:

default|Default user:\
 	:datasize-max=3072M:\
 	:datasize-cur=2048M:\
 	:memorylocked-max=3072M:\
 	:memorylocked-cur=2048M:\
 	:memoryuse-max=3072M:\
 	:memoryuse-cur=2048M:\
 	:stacksize-max=4M:\
 	:stacksize-cur=3M:

but ulimit -a gives:

core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) 1048576
file size               (blocks, -f) unlimited
max locked memory       (kbytes, -l) 2097152
max memory size         (kbytes, -m) 2097152
open files                      (-n) 64
pipe size            (512 bytes, -p) 1
stack size              (kbytes, -s) 3072
cpu time               (seconds, -t) unlimited
max user processes              (-u) 160
virtual memory          (kbytes, -v) 1051648

So, I can't get data seg size over approx 1G.  My guess is that it is 
being capped by the virtual memory limit, but I don't know what controls 
that.  It doesn't seem to correspond to anything listed on login.conf(5).