From owner-freebsd-hackers@FreeBSD.ORG Thu Apr 24 07:42:39 2003
Return-Path:
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D420F37B404
	for ; Thu, 24 Apr 2003 07:42:39 -0700 (PDT)
Received: from genua.rfc-networks.ie (genua.rfc-networks.ie [62.77.182.178])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2B02B43F93
	for ; Thu, 24 Apr 2003 07:42:38 -0700 (PDT)
	(envelope-from philip.reynolds@rfc-networks.ie)
Received: from tear.domain (unknown [10.0.1.254])
	by mail.rfc-networks.ie (Postfix) with ESMTP id EB53354F65
	for ; Thu, 24 Apr 2003 12:36:30 +0100 (IST)
Received: by tear.domain (Postfix, from userid 1000)
	id 0A1DD21150; Thu, 24 Apr 2003 11:36:31 +0000 (GMT)
Date: Thu, 24 Apr 2003 11:36:31 +0000
From: Philip Reynolds
To: hackers@freebsd.org
Message-ID: <20030424113630.GA21831@rfc-networks.ie>
References: <001901c309ee$36029070$c601a8c0@oxygen>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <001901c309ee$36029070$c601a8c0@oxygen>
X-Operating-System: FreeBSD 4.7-STABLE
X-URL: http://www.rfc-networks.ie
Subject: Re: Keeping a large shellbox stable and secure
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: philip.reynolds@rfc-networks.ie
List-Id: Technical Discussions relating to FreeBSD
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 24 Apr 2003 14:42:40 -0000

Peter 43 lines of wisdom included:
> Are there any proven methods that you have used? System tweaks, etc. That
> seem to work under high system loads? Such as sysctl.conf, rc.conf, etc.

login.conf should be all you need to keep the ulimits of users down.
Give users finite CPU time, VM size (and whatever other options you can)
etc. Play around with it before you let users on the box.
Try a few sample C programs to see if you can crash the box

--------------------8<---------------------
/* The timeless while(1) fork(); program */
#include <sys/types.h>
#include <unistd.h>

int
main(int argc, char **argv)
{
	while(1)
		fork();
}
-------------------->8---------------------

The above program, for instance, should stop after a few seconds with an
error (something equivalent to resources unavailable).

Some sample settings would be:

default:\
	## ...
	:cputime=500:\
	:datasize=50M:\
	:stacksize=40M:\
	:memorylocked=30M:\
	:memoryuse=30M:\
	:filesize=50M:\
	:openfiles=300:\
	:maxproc=50:\
	:sbsize=50M:\
	:vmemoryuse=75M:\
	:priority=0:

There might be some things I left out there (core file size etc.) and
some other settings. You're going to need to tweak these settings
according to your machine specifications and how high a load your system
is under.

Remember to run ``cap_mkdb /etc/login.conf'' after changes to the file.

-- 
Philip Reynolds                      | RFC Networks Ltd.
philip.reynolds@rfc-networks.ie      | +353 (0)1 8832063
http://people.rfc-networks.ie/~phil  | www.rfc-networks.ie
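
Added example, not part of the original message: a non-destructive way to confirm that the sample login.conf class is in force, by reading the session's hard limits with getrlimit(2) and comparing them with the values above. The capability-to-RLIMIT mapping follows login.conf(5); the struct and function names are made up for this sketch, and the caps must be edited if the class is tuned differently.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/resource.h>

#define MB (1024UL * 1024UL)

struct cap { const char *name; int resource; rlim_t max; };

/* login.conf capability -> rlimit; values copied from the sample class. */
static const struct cap caps[] = {
    { "cputime",      RLIMIT_CPU,     500 },       /* seconds */
    { "datasize",     RLIMIT_DATA,    50 * MB },
    { "stacksize",    RLIMIT_STACK,   40 * MB },
    { "memorylocked", RLIMIT_MEMLOCK, 30 * MB },
    { "memoryuse",    RLIMIT_RSS,     30 * MB },
    { "filesize",     RLIMIT_FSIZE,   50 * MB },
    { "openfiles",    RLIMIT_NOFILE,  300 },
    { "maxproc",      RLIMIT_NPROC,   50 },
#ifdef RLIMIT_SBSIZE                               /* FreeBSD only */
    { "sbsize",       RLIMIT_SBSIZE,  50 * MB },
#endif
#ifdef RLIMIT_AS
    { "vmemoryuse",   RLIMIT_AS,      75 * MB },
#endif
};

/* 1 if the limit is finite and no higher than the cap, else 0. */
int within_cap(rlim_t limit, rlim_t cap) { return limit != RLIM_INFINITY && limit <= cap; }

/* Test the hard limit: a user may raise the soft limit up to it. */
int check_one(int resource, rlim_t cap)
{
    struct rlimit rl;
    return getrlimit(resource, &rl) == 0 && within_cap(rl.rlim_max, cap);
}

/* Print a verdict per capability; return how many exceed the sample caps. */
int audit_limits(void)
{
    int bad = 0;
    for (size_t i = 0; i < sizeof(caps) / sizeof(caps[0]); i++) {
        int ok = check_one(caps[i].resource, caps[i].max);
        printf("%-13s %s\n", caps[i].name, ok ? "ok" : "unlimited or too high");
        bad += !ok;
    }
    return bad;
}

int main(void) { return audit_limits() ? 1 : 0; }
```

Run it from a fresh login as a user in the class, after cap_mkdb; a non-zero exit status means at least one limit is unlimited or above the sample value.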