From owner-freebsd-hackers@FreeBSD.ORG  Thu Apr 24 11:45:53 2003
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 109F637B401
	for <hackers@freebsd.org>; Thu, 24 Apr 2003 11:45:53 -0700 (PDT)
Received: from herbelot.dyndns.org (herbelot.net1.nerim.net [62.212.117.213])
	by mx1.FreeBSD.org (Postfix) with ESMTP id AC35A43FAF
	for <hackers@freebsd.org>; Thu, 24 Apr 2003 11:45:51 -0700 (PDT)
	(envelope-from thierry@herbelot.com)
Received: from diversion.herbelot.nom (diversion.herbelot.nom [192.168.2.6])
	by herbelot.dyndns.org (8.12.6/8.12.6) with ESMTP id h3OIRs0f032264;
	Thu, 24 Apr 2003 20:27:54 +0200 (CEST)
From: Thierry Herbelot <thierry@herbelot.com>
To: philip.reynolds@rfc-networks.ie, hackers@freebsd.org
Date: Thu, 24 Apr 2003 20:45:43 +0200
User-Agent: KMail/1.5.1
References: <001901c309ee$36029070$c601a8c0@oxygen>
	<20030424113630.GA21831@rfc-networks.ie>
In-Reply-To: <20030424113630.GA21831@rfc-networks.ie>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Message-Id: <200304242045.43432.thierry@herbelot.com>
Subject: and daemons ? [was Re: Keeping a large shellbox stable and secure]
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Apr 2003 18:45:53 -0000

Le Thursday 24 April 2003 13:36, Philip Reynolds a écrit :
>
> The above program, for instance, should stop after a few seconds
> with an error (something equivalent to resources unavailable)
>
> Some sample settings would be:
>
[example with login.conf]
>

Hello,

login.conf is quite interesting with *interactive* users, but I'm wondering if 
login.conf could also be used to constrain long-running processes, such as 
daemons (you may imagine a list ...)

in the case of long-runnning-processes, a cap on CPU run time seems difficult 
to use : either the cap is too low and the daemon is stopped when it should 
not or the cap is too high, and you may be DOS'ed by a runaway process :-(

obviously, all other parameters can be usefully limited.

has someone played with daemons and resource limits of login.conf ?

	TfH