-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 (sorry, I haven't sent a reply to the list) What about namespacing and mounting tmpfs per user? You can specify a filesystem size when mounting tmpfs can't you?
W dniu 2015-04-28 o 11:48, Michał Piotrowski pisze: > Hi, > > 2015-04-28 11:39 GMT+02:00 Lennart Poettering <mzerq...@0pointer.de > <mailto:mzerq...@0pointer.de>>: > > On Tue, 28.04.15 00:55, Michał Zegan (webczat_...@poczta.onet.pl > <mailto:webczat_...@poczta.onet.pl>) wrote: > >> Hello. >> >> I have discovered how to add resource limits for the user, like >> how much memory the user can use, or how much cpu time. Here is >> the problem: /tmp seems a way for the user to circumvent this >> restriction. Is there a way to protect it too? > > Nope. There have been discussions for adding quota to tmpfs, but > this lead nowhere. > > > https://bugzilla.redhat.com/show_bug.cgi?id=693253 > > > > You can disable tmpfs-on-/tmp, and run it on xfs or ext4 instead > and use classic per-user quota though. > > Lennart > > -- Lennart Poettering, Red Hat > _______________________________________________ systemd-devel > mailing list systemd-devel@lists.freedesktop.org > <mailto:systemd-devel@lists.freedesktop.org> > http://lists.freedesktop.org/mailman/listinfo/systemd-devel > > > > > -- Best regards, Michal > > http://eventhorizon.pl/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJVP1rcAAoJEHb1CzgxXKwY3cUP/1QD2c/8xh7vck1hbStk8pIE MwTzcw4ZuNabdhXTtmILoRL/g9n5iAj1KzZfLi8xWnBkZSV8zX/uq6xJAN9dyX8x sf5/saq5XIf49JmZ4wCLuWM91EeMlHnxQ1nLbK0cnv8i+Bea4Csa8rKlnBaTTO5A vyxnkIusJKIQMrBuAK6kzOZXCY80ptYfLhCUBN479PCD5REOf79Xl9kYIvPOqzIC 4u4oGoHFGMcWxbTopZpW6LC6Oo/dv7oUqkafobj00q8EmUXFaNYF3zBJaDcGsyxi ZHaZMJwGOYocPeK+VL8iKUVBjJA2p7oBfK6DvrvLm2Zj606Mc4TJAxqA6UHq14c0 7k2QJv1kLMZAZL89anRj+u8+bFjO1v3WF/OA9hw8XLBWoesH9zP9c8dw81GKdxMc VuWPldyD/8XRd4X2CRIotrU6hjQtNevdzU5sOCHgrEmq9EDkNt4sBMLvm/EnkcT1 eUTtNnBhml/B3NgPYwsWJo/fLa4r2AorWe837bwCy5lBClBMsizSHrWHoaoHGj6j dGbuI12h9F4ZDzatHL59i7BlKH4rAOMjvwwh1LH2POFCrnwkfucJV+Gl0sq9c8h1 c/A/CGQrhXHDVsJqBfW4SUeNAWT349RbfyJCXWOQa7GqvJ+xsx5OwhcuH2mdQzdO QZw2sm1j5sgTdgoCPrn/ =ityG -----END PGP SIGNATURE----- _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
