Date: Wed, 17 Sep 1997 17:45:27 +1100 From: David Nugent <davidn@labs.usn.blaze.net.au> To: John Hay <jhay@mikom.csir.co.za> Cc: hackers@freebsd.org Subject: Re: login classes Message-ID: <E0xBDrb-0000iv-00@labs.usn.blaze.net.au> In-Reply-To: Your message of "Sat, 17 Sep 1997 08:22:02 %2B0200." <199709170622.IAA11373@zibbi.mikom.csir.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
> But if the shipped defaults does not work for most people, shouldn't > the shipped defaults change? Sorry, but I don't class one or two problems as "most people". In fact, the defaults do seem to work for "most people". Of course it won't suit everyone. I run a single-user system here with the default login.conf and the only allowance I make for login classes is to invoke xdm via limits(1) to force use of the "xuser" resources. xdm should be handling this itself, but doesn't yet. Similarly, ppp and pppd running in server mode with auto-login (ie. invoked from getty) should use a class of its own rather than daemon which is inherited from getty. > are used as single-user machines, so maybe we should ship it with > more relaxed limits? At the moment the shipped defaults does not > seem to work for anything that I have, which is news servers, web > servers, development servers, mail servers or personal machines. "news" has a class of its own. The default startup for inn should use it, which is up to the port maintainer to do. I'm not sure what problems you're having with web servers, since in addition to the servers I run I have several clients, some of whom are receiving 20000+ hits per day and running 90-100 virtual domains, all using the standard daemon resources. The only problem I've ever run into is with named on a machine with lots of ip aliases, and only then if you do a restart. This is actually a problem with named which I believe has been fixed in the 8.x releases, but not with the one in FreeBSD. Samba I have no experience with whatsoever. Perhaps it is a special case that needs some attention by whoever integrated it into FreeBSD. Which *specific* limits are you running into problems with? Personally I think that conservative limits are better as defaults, if, in fact, they are conservative limits - those originally committed where less than what they are now. Better to fix it on a per-machine basis as required than have complaints that users on a public system are easily able to crash the system by doing fork() bombs or similar. Regards, David
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0xBDrb-0000iv-00>