From owner-freebsd-doc@FreeBSD.ORG  Wed Sep  4 13:00:01 2013
Return-Path: <owner-freebsd-doc@FreeBSD.ORG>
Delivered-To: freebsd-doc@smarthost.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 8ABF7D40
 for <freebsd-doc@smarthost.ysv.freebsd.org>;
 Wed,  4 Sep 2013 13:00:01 +0000 (UTC)
 (envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
 [IPv6:2001:1900:2254:206c::16:87])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 6B482217B
 for <freebsd-doc@smarthost.ysv.freebsd.org>;
 Wed,  4 Sep 2013 13:00:01 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
 by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r84D01Tq065895
 for <freebsd-doc@freefall.freebsd.org>; Wed, 4 Sep 2013 13:00:01 GMT
 (envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
 by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r84D013X065894;
 Wed, 4 Sep 2013 13:00:01 GMT (envelope-from gnats)
Resent-Date: Wed, 4 Sep 2013 13:00:01 GMT
Resent-Message-Id: <201309041300.r84D013X065894@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-doc@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, ShelLuser <pl@catslair.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 8EEFEACE
 for <freebsd-gnats-submit@FreeBSD.org>; Wed,  4 Sep 2013 12:51:01 +0000 (UTC)
 (envelope-from nobody@FreeBSD.org)
Received: from oldred.freebsd.org (oldred.freebsd.org [8.8.178.121])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 7D1A720F5
 for <freebsd-gnats-submit@FreeBSD.org>; Wed,  4 Sep 2013 12:51:01 +0000 (UTC)
Received: from oldred.freebsd.org ([127.0.1.6])
 by oldred.freebsd.org (8.14.5/8.14.7) with ESMTP id r84Cp1J2038375
 for <freebsd-gnats-submit@FreeBSD.org>; Wed, 4 Sep 2013 12:51:01 GMT
 (envelope-from nobody@oldred.freebsd.org)
Received: (from nobody@localhost)
 by oldred.freebsd.org (8.14.5/8.14.5/Submit) id r84Cp108038336;
 Wed, 4 Sep 2013 12:51:01 GMT (envelope-from nobody)
Message-Id: <201309041251.r84Cp108038336@oldred.freebsd.org>
Date: Wed, 4 Sep 2013 12:51:01 GMT
From: ShelLuser <pl@catslair.org>
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-3.1
Subject: docs/181808: Chapter 15.15 (Resource Limits) misses important
 information
X-BeenThere: freebsd-doc@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Documentation project <freebsd-doc.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-doc>,
 <mailto:freebsd-doc-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-doc>
List-Post: <mailto:freebsd-doc@freebsd.org>
List-Help: <mailto:freebsd-doc-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-doc>,
 <mailto:freebsd-doc-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Sep 2013 13:00:01 -0000


>Number:         181808
>Category:       docs
>Synopsis:       Chapter 15.15 (Resource Limits) misses important information
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 04 13:00:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     ShelLuser
>Release:        9.1-RELEASE
>Organization:
>Environment:
>Description:
Problem:

In order to further secure my system I've build a custom kernel and included the RACCT and RCTL options to provide support for rctl, I've basically followed chapter 15.15 from the Handbook:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/security-resourcelimits.html

In my opinion this chapter should either reference or copy the section about resource limits which can be found in chapter 14.4 of the handbook:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/users-limiting.html

I'm referring to (quote:) "Resource limits differ from the default login capabilities in two ways. First, for every limit...".

Motivation:

Because this section claims to be dealing with resource limits as a whole (when looking at the title) I was sort of expecting a section which would try to cover all its bases so to speak. In my opinion the section where it is explained that "most resource limits apply per process to a specific user, not to the user as a whole" is a very important aspect for people new to this.

>How-To-Repeat:

>Fix:
Please note that these are only suggestions:

Above the line "To enable this feature.." (at the top) a small section could be added:

"Although the command is new the resource limits still comply to certain limitations as mentioned in chapter 14.14 of this handbook" (where "chapter 14.14" could be a link).

Another suggestion: at the bottom, after the line "See rctl(8) to learn about them" this could be added:

"Also see chapter 14.14 of this handbook which explains the differences between the default login capabilities and also provides a list of the most commonly used resource limits." (where "chapter 14.14" could also be a link).


>Release-Note:
>Audit-Trail:
>Unformatted: