Date: Tue, 1 Mar 2011 22:12:07 +0000 (GMT) From: Robert Watson <rwatson@FreeBSD.org> To: =?ISO-8859-2?Q?Edward_Tomasz_Napiera=B3a?= <trasz@FreeBSD.org> Cc: "arch@" <freebsd-arch@freebsd.org> Subject: Re: Adding setloginclass(2) and getloginclass(2). Message-ID: <alpine.BSF.2.00.1103012211290.52352@fledge.watson.org> In-Reply-To: <41A35BDD-7EF0-47C5-BA3D-2E3F9C9C5540@FreeBSD.org> References: <41A35BDD-7EF0-47C5-BA3D-2E3F9C9C5540@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --621616949-1238814302-1299017527=:52352 Content-Type: TEXT/PLAIN; charset=ISO-8859-2; format=flowed Content-Transfer-Encoding: 8BIT On Tue, 1 Mar 2011, Edward Tomasz Napierała wrote: > At http://people.freebsd.org/~trasz/loginclass.diff, you can find a patch > that adds login class information to the kernel. The patch does not contain > changes to autogenerated files; to test it, do "make sysent" in sys/kern/ > and sys/compat/freebsd32/. > > The patch itself doesn't add much user-visible functionality, although being > able to do "ps aux -o class" might be useful. However, login classes are a > prerequisite for RCTL, aka Resource Containers - system administrator can > use rules such as "loginclass:users:nproc:deny=100/user", to replace > resource limits usually defined in login.conf(5), or use rule such as > "loginclass:users:nproc:deny=100/loginclass", to limit the number of > processes for the whole login class, achieving something similar to SunOS > "projects". > > Since this involves adding two new syscalls, I'd like to hear some opinion > about it - it's hard to change these afterwards. Could you say a little about how you hande jails/chroots/etc? Robert --621616949-1238814302-1299017527=:52352--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1103012211290.52352>