From owner-freebsd-current@FreeBSD.ORG Mon Oct 18 19:38:03 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0669416A4CE for ; Mon, 18 Oct 2004 19:38:03 +0000 (GMT) Received: from virtual.micronet.sk (smtp-r.micronet.sk [213.215.96.238]) by mx1.FreeBSD.org (Postfix) with ESMTP id F152343D31 for ; Mon, 18 Oct 2004 19:38:01 +0000 (GMT) (envelope-from danger@wilbury.sk) Received: from danger.dnv.dewnet.sk ([213.215.105.189]) by virtual.micronet.sk (8.12.11/8.12.11) with ESMTP id i9IJberB074750 for ; Mon, 18 Oct 2004 21:37:43 +0200 (CEST) (envelope-from danger@wilbury.sk) Resent-Date: Mon, 18 Oct 2004 21:37:40 +0200 (CEST) Resent-Message-Id: <200410181937.i9IJberB074750@virtual.micronet.sk> Date: Mon, 18 Oct 2004 21:39:06 +0200 From: DanGer X-Mailer: The Bat! (v2.12.00) Business X-Priority: 3 (Normal) Message-ID: <1158048095.20041018213906@wilbury.sk> To: current@freebsd.org Resent-From: DanGer MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Re[2]: limits of maxproc on SUN E450 with FreeBSD 5.3 Beta7 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: DanGer List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Oct 2004 19:38:03 -0000 Hello Doug, Monday, October 18, 2004, 7:57:53 PM, you wrote: > On Fri, 15 Oct 2004, Borghesi Guilhem wrote: >> I've installed a FreeBSD 5.3 Beta7 on a Sun sparc64 Enterprise 450. >> This machine is a Terminal and application server for University >> students. They are using this server for system programming (C for >> example) and they often use the command "fork ()" into "while" loops. > We call that a "forkbomb." >> This kind of bad programming is quite frequent at the university, and >> that's the reason why I'm trying to limit the number of maxproc per >> user. I've limited the maxproc with the /etc/login.conf file at 100 and >> make a "cap_mkdb /etc/login.conf", but it doesn't work. Worst, when the I'm not very sure about this, but, did you turned on in /etc/ssh/sshd_config option UseLogin? like UseLogin yes >> number of processes reach the limit, the server crash with the console >> message :"panic: trap: data access error". >> >> I've tried to put "unlimited" in place of "100", but it does'nt change >> anything because the system has an implicit limit for users >> (kern.maxprocperuid: 5547). > It should change the soft limit on maxproc, and the kernel sysctl is the > hard limit. The user can change the limit up to the hard limit, but it > will start out at the soft limit. > What as the exact change you made to login.conf? Did you test it after > logging out and logging back in? How were you logging in? > Obviously, the panic isn't such a great thing. Did you get a crashdump? -- Best regards +----------==/\/\==----------+ | DanGer | | DanGer@IRCnet ICQ261701668 | | http://danger.homeunix.org | +----------==\/\/==----------+