Hi, On Wed, Sep 09, 2009 at 02:13:24PM -0400, Etienne Goyer wrote: > Limits that you set in /etc/security/limits.conf are applied by the > pam_limits.so PAM module. The PAM stack is configured in the various > files you can find under /etc/pam.d/. Explaining how to configure PAM > would be a bit long, so I refer you to the Linux PAM System > Administrator Guide I linked to in my previous post for further details. > > That being said, I am afraid my last post was misleading, because PAM do > not apply to daemons and services started by init AFAIK. As such, I am > not sure how you would impose ulimit on daemon, but that is surely not > through /etc/security/limits.conf. I will leave it to someone else to > suggest a proper approach for your use-case.
While start-stop-daemon does not yet support[1] setting ulimits, you should be able to add a ulimit call to your service's init script directly. Though that is a bit of a hack. :) In the future, once services have migrated to using Upstart, you can set limits more easily. (See "limit"[2]) -Kees [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=302079 [2] http://upstart.ubuntu.com/wiki/Stanzas -- Kees Cook Ubuntu Security Team -- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
