maxproc per jail
Jille Timmermans
jille at quis.cx
Tue Mar 17 12:44:36 PDT 2009
Nicolas de Bari Embriz Garcia Rojas schreef:
> Hi, thanks for the answer just on question how to setup rlimit for jails
> ? any ideas
I'm sorry for leaving that unclear; there is no rlimit for jails atm.
But if someone wants to create a root-proof protection, I think that is
the way to go. (being able to limit everything that rlimit can limit for
single processes now)
I unfortunately can't find the patch I mentioned, must have lost that
during some disk-crash.
So, I am afraid there is nothing I can do to help you.
-- Jille
>
> regards.
> --
>> nbari
>
> On Mar 17, 2009, at 8:45 AM, Jille Timmermans wrote:
>
>> Nicolas de Bari Embriz Garcia Rojas schreef:
>>> Hi all, it is posible to limite the maxproc per jail ?
>> No, I wrote a patch once; I will take a look whether I still have it
>> somewhere.
>> But the patch only limits the number of processes, not memory nor open
>> files.
>> The best thing to do (I think) is create some rlimit for jails.
>>
>> -- Jille
>>> or how to put a protection to the main host in case the root user of
>>> a jail try to make a fork bom.
>>> regards.
>>> --
>>> > nbari
>
More information about the freebsd-jail
mailing list