From owner-svn-src-all@FreeBSD.ORG Tue Dec 18 07:27:51 2012 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 940921A3; Tue, 18 Dec 2012 07:27:51 +0000 (UTC) (envelope-from zont@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 781A98FC0A; Tue, 18 Dec 2012 07:27:51 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id qBI7Rp2x084373; Tue, 18 Dec 2012 07:27:51 GMT (envelope-from zont@svn.freebsd.org) Received: (from zont@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id qBI7Rp0t084371; Tue, 18 Dec 2012 07:27:51 GMT (envelope-from zont@svn.freebsd.org) Message-Id: <201212180727.qBI7Rp0t084371@svn.freebsd.org> From: Andrey Zonov Date: Tue, 18 Dec 2012 07:27:51 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r244383 - head/etc X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Dec 2012 07:27:51 -0000 Author: zont Date: Tue Dec 18 07:27:50 2012 New Revision: 244383 URL: http://svnweb.freebsd.org/changeset/base/244383 Log: - Set memorylocked limit to 64Kb for default login class. This prevents unprivileged users to lock too much memory. - Set memorylocked limit to 64Mb for daemon login class. Some daemons such as amd(8) and watchdogd(8) calls mlockall(2) on startup, they are run from init(8) which uses daemon login class. - Set memorylocked limit to unlimited for root login class. Suggested by: avg Approved by: kib (mentor) MFC after: 1 week Modified: head/etc/login.conf Modified: head/etc/login.conf ============================================================================== --- head/etc/login.conf Tue Dec 18 07:26:55 2012 (r244382) +++ head/etc/login.conf Tue Dec 18 07:27:50 2012 (r244383) @@ -32,7 +32,7 @@ default:\ :cputime=unlimited:\ :datasize=unlimited:\ :stacksize=unlimited:\ - :memorylocked=unlimited:\ + :memorylocked=64K:\ :memoryuse=unlimited:\ :filesize=unlimited:\ :coredumpsize=unlimited:\ @@ -59,6 +59,7 @@ xuser:\ staff:\ :tc=default: daemon:\ + :memorylocked=64M:\ :tc=default: news:\ :tc=default: @@ -72,6 +73,7 @@ dialer:\ # in preference to 'default'. root:\ :ignorenologin:\ + :memorylocked=unlimited:\ :tc=default: #