On Wed, 2005-03-23 at 15:27 +0100, Max Kellermann wrote: > On 2005/03/23 15:23, Natanael Copa <[EMAIL PROTECTED]> wrote: > > On Wed, 2005-03-23 at 14:53 +0100, Max Kellermann wrote: > > > The number of processes is counted per user, but CPU time and memory > > > consumption is counted per process. > > > > So limiting maximum number of processes will automatically limit CPU > > time and memory consumption per user? > > No. I was talking about RLIMIT_CPU and RLIMIT_DATA, compared to > RLIMIT_NPROC. RLIMIT_NPROC limits the number of processes for that > user, nothing else (slightly simplified explanation).
Yes, but if RLIMIT_NPROC is per user and RLIMIT_CPU is per proc the theoretical CPU limit per user is RLIMIT_NPROC * RLIMIT_CPU. So if you half the RLIMIT_NPROC you will half the theoretical maximum CPU limit per user. Same with memory. I don't know if that really solves anything, but a misbehaving process (fork bomb) would need to consume the double RAM or CPU to do the same "damage" if RLIMIT_NPROC is halved. -- Natanael Copa - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/