-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
pam_limits???
README.pam_limits from eServ
2.3.1:
- ------------------------------------------------------------------------
- -------
pam_limits module:
Imposing user limits on login.
THEORY OF OPERATION:
First, make a root-only-readable file (/etc/limits by default or
LIMITS_FILE
defined Makefile) that describes the resource limits you wish to
impose. No
limits are imposed on UID 0 accounts.
Each line describes a limit for a user in the form:
<domain> <type> <item> <value>
Where:
<domain> can be:
- an user name
- a group name, with @group syntax
- the wildcard *, for default entry
<type> can have the two values:
- "soft" for enforcinf the soft limits
- "hard" for enforcing hard limits
<item> can be one of the following:
- core - limits the core file size (KB)
- data - max data size (KB)
- fsize - maximum filesize (KB)
- memlock - max locked-in-memory address space (KB)
- nofile - max number of open files
- rss - max resident set size (KB)
- stack - max stack size (KB)
- cpu - max CPU time (MIN)
- nproc - max number of processes
- as - address space limit
- maxlogins - max number of logins for this user
- maxsyslogins - max number of logins on the system
To completely disable limits for a user (or a group), a single dash (-)
will do (Example: 'bin -', '@admin -'). Please remember that individual
limits have priority over group limits, so if you impose no limits for
admin
group, but one of the members in this group have a limits line, the
user
will have its limits set according to this line.
Also, please note that all limit settings are set PER LOGIN. They are
not global, nor are they permanent (the session only)
In the LIMITS_FILE, the # character introduces a comment - the rest of
the
line is ignored.
The pam_limits module does its best to report configuration problems
found
in LIMITS_FILE via syslog.
EXAMPLE configuration file:
===========================
* soft core 0
* hard rss 10000
@student hard nproc 20
@faculty soft nproc 20
@faculty hard nproc 50
ftp hard nproc 0
@student - maxlogins 4
ARGUMENTS RECOGNIZED:
debug verbose logging
conf=/path/to/file the limits configuration file if different from
the
one set at compile time.
MODULE SERVICES PROVIDED:
session _open_session and _close_session (blank)
USAGE:
For the services you need resources limits (login for example)
put a
the following line in /etc/pam.conf as the last line for that
service (usually after the pam_unix session line:
login session required /lib/security/pam_limits.so
Replace "login" for each service you are using this module,
replace
"/lib/security" path with your real modules path.
AUTHOR:
Cristian Gafton <[EMAIL PROTECTED]>
Thanks to Elliot Lee <[EMAIL PROTECTED]> for his comments on
improving thi
module.
- ------------------------------------------------------------------------
- -------
On Fri, 4 Jan 2002 13:17:52 -0500, Douglas J Hunley wrote:
>anyone know of any hacks/methods/etc to limit a particular userid to only one
>login at a time?
>
>i.e. admin #1 logs in as root to do something, meanwhile admin #2 sshes into
>machine as root to do something, but is not allowed to log in.
>
>just trying to keep people from tripping over each other ;)
>
>and skip the 'give em seperate accounts' and the 'use su' ..
>I'm looking for other solutions thanks
>--
>Douglas J Hunley (doug at hunley.homeip.net) - Linux User #174778
>Admin: Linux StepByStep - http://linux.nf
>
>panic("Foooooooood fight!");
> 2.2.16 /usr/src/linux/drivers/scsi/aha1542.c
>_______________________________________________
>Linux-users mailing list
>Archives, Digests, etc at http://linux.nf/mailman/listinfo/linux-users
Federico Voges
Socio gerente
Intrasoft
Malabia 2137 14 A
(1425) Buenos Aires
Argentina
Te/Fax: 54-11-4833-5182
e-mail: [EMAIL PROTECTED]
Web: http://www.intrasoft.com.ar
PGP Public Key Fingerprint: A536 4595 EB6F D197 FBC1 5C3A 145C 2516
-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1 (C) 1997-1999 Network Associates, Inc. and its
affiliated companies.
iQA/AwUBPDX/WhRcJRaVKt4XEQLi2QCffsZvLO6gIEsvbBVmZHyubCaSwNUAoKjU
rL0BmtMl1RWtGC8ba68TX6Tt
=jmaE
-----END PGP SIGNATURE-----
_______________________________________________
Linux-users mailing list
Archives, Digests, etc at http://linux.nf/mailman/listinfo/linux-users
