[systemd-devel] Put some users to a different slice?

Frank Steiner fsteiner-mail1 at bio.ifi.lmu.de
Tue Jun 25 09:57:07 UTC 2024


Hi,

I'd like to put a subgroup of our users into a separate slice (below
the user slice), so that they could be restricted further than the other
users.

As far as I read there is no way to restrict resources based on
user groups. But I wouldn't mind to add a config for each of these
users, so I first tried /etc/systemd/system/user at 4242.service.d/test.conf:

[Service]
Slice=user-test.slice

This indeed creates user-test.slice at login with

│ ├─user-test.slice
│ │ └─user at 4242.service
│ │   └─init.scope
│ │     ├─ 2160 /usr/lib/systemd/systemd --user
│ │     └─ 2161 (sd-pam)


But the rest of the processes again goes to
│ ├─user-4242.slice
│ │ └─session-1438.scope
│ │   ├─ 3072 sshd: tester [priv]
│ │   ├─ 3074 sshd: tester at pts/8
│ │   ├─ 3083 -tcsh
│ │   ├─ 3162 systemd-cgls
│ │   └─ 3163 less


Is there a way (with a drop-in config or any other method) to have
all processes of a user go below the user-test.slice? And furthermore,
put several users below a single user-test.slice?

Thanks a lot!
cu,
Frank


-- 
Dipl.-Inform. Frank Steiner   Web:  http://www.bio.ifi.lmu.de/~steiner/
Lehrstuhl f. Bioinformatik    Mail: http://www.bio.ifi.lmu.de/~steiner/m/
LMU, Amalienstr. 17           Phone: +49 89 2180-4049
80333 Muenchen, Germany       Fax:   +49 89 2180-99-4049
* Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *


More information about the systemd-devel mailing list