[systemd-devel] users and per user limits (tmpfs)
Michał Zegan
webczat_200 at poczta.onet.pl
Tue Apr 28 03:03:11 PDT 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
(sorry, I haven't sent a reply to the list)
What about namespacing and mounting tmpfs per user? You can specify a
filesystem size when mounting tmpfs can't you?
W dniu 2015-04-28 o 11:48, Michał Piotrowski pisze:
> Hi,
>
> 2015-04-28 11:39 GMT+02:00 Lennart Poettering <mzerqung at 0pointer.de
> <mailto:mzerqung at 0pointer.de>>:
>
> On Tue, 28.04.15 00:55, Michał Zegan (webczat_200 at poczta.onet.pl
> <mailto:webczat_200 at poczta.onet.pl>) wrote:
>
>> Hello.
>>
>> I have discovered how to add resource limits for the user, like
>> how much memory the user can use, or how much cpu time. Here is
>> the problem: /tmp seems a way for the user to circumvent this
>> restriction. Is there a way to protect it too?
>
> Nope. There have been discussions for adding quota to tmpfs, but
> this lead nowhere.
>
>
> https://bugzilla.redhat.com/show_bug.cgi?id=693253
>
>
>
> You can disable tmpfs-on-/tmp, and run it on xfs or ext4 instead
> and use classic per-user quota though.
>
> Lennart
>
> -- Lennart Poettering, Red Hat
> _______________________________________________ systemd-devel
> mailing list systemd-devel at lists.freedesktop.org
> <mailto:systemd-devel at lists.freedesktop.org>
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
>
>
>
> -- Best regards, Michal
>
> http://eventhorizon.pl/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBAgAGBQJVP1rcAAoJEHb1CzgxXKwY3cUP/1QD2c/8xh7vck1hbStk8pIE
MwTzcw4ZuNabdhXTtmILoRL/g9n5iAj1KzZfLi8xWnBkZSV8zX/uq6xJAN9dyX8x
sf5/saq5XIf49JmZ4wCLuWM91EeMlHnxQ1nLbK0cnv8i+Bea4Csa8rKlnBaTTO5A
vyxnkIusJKIQMrBuAK6kzOZXCY80ptYfLhCUBN479PCD5REOf79Xl9kYIvPOqzIC
4u4oGoHFGMcWxbTopZpW6LC6Oo/dv7oUqkafobj00q8EmUXFaNYF3zBJaDcGsyxi
ZHaZMJwGOYocPeK+VL8iKUVBjJA2p7oBfK6DvrvLm2Zj606Mc4TJAxqA6UHq14c0
7k2QJv1kLMZAZL89anRj+u8+bFjO1v3WF/OA9hw8XLBWoesH9zP9c8dw81GKdxMc
VuWPldyD/8XRd4X2CRIotrU6hjQtNevdzU5sOCHgrEmq9EDkNt4sBMLvm/EnkcT1
eUTtNnBhml/B3NgPYwsWJo/fLa4r2AorWe837bwCy5lBClBMsizSHrWHoaoHGj6j
dGbuI12h9F4ZDzatHL59i7BlKH4rAOMjvwwh1LH2POFCrnwkfucJV+Gl0sq9c8h1
c/A/CGQrhXHDVsJqBfW4SUeNAWT349RbfyJCXWOQa7GqvJ+xsx5OwhcuH2mdQzdO
QZw2sm1j5sgTdgoCPrn/
=ityG
-----END PGP SIGNATURE-----
More information about the systemd-devel
mailing list