no /etc/limits ?
hello
i've been reading about creating limits. one way is to edit /etc/limits according to man limits. does that work in slackware? do i have to enable something? /etc/limits does not exist. i created one and it doesn't seem to limit anything, here's what i put into it: Code:
dude L2D2048U4 i am new to this security business :) thanks in advance. |
Have you tried looking in /etc/login.defs? There's a ulimit section in there.
--Dane |
no. is that file used by `login`?
i just realized the file i created does work. only not over ssh. isn't that weird? when loggin on directly at the machine or over telnet all the limits seem to be in place. i have spent hours now trying to figure out why ssh logins ignore the /etc/limits file. only suggestion i found was to enable UseLogin in sshd_config but then i cannot log in at all: Code:
~$ ssh 10.0.0.2 maybe i just need some sleep cheers |
Exactly what kind of limit are you trying to put into place? Are you trying to stop forkbombs? A little clarification would be helpful.
--Dane |
i have no specifics in mind. i want to make a secure linux system. people would have normal shell access (i hope that's possible)
forkbombs are one problem, but using up all the memory is just as bad. there are many things i want to take care of but for now the stuff described in `man limits` |
Did you try in login.defs as DaneM suggested? That file is read everytime you authentificate.
|
the ULIMIT option in login.defs is entirely different.
the limits infrastracture exists in slackware as in every other linux distribution. I don't know why slackware doesn't ship with a sample /etc/limits, but if you create it yourself it works perfectly. /bin/login reads it. I use it for a long time. The most easy options are the following: N: max number of open files U: max number of processes (stop forkbombs) L: max number of logins for this user. (There are other very useful options too, but you can easily mess your system, that is why i don't mention them) if you try "man limits" you get a very simple description of it. If you google, there are very good tutorials for it. If i remember correctly the PAM version of limits (limits.conf) uses a different syntax. I mention this so that when you read some articles you don't get confused about what is written. You can very easily convert the PAM syntax to yours. Hope i helped. |
Quote:
i tried it anyway. it's ignored. Quote:
thanks everyone for trying to help. |
All times are GMT -5. The time now is 04:36 AM. |