How to restrict the number of processes a user can start?

Question

We tried /etc/security/limits.conf, but that seems to have no effect.

The used line for limits.conf looks as follows:

myuser hard nproc 6

That is configuration for a server. I want to limit the processes started. Ulimit limits the processes started from the shell (if I understand that right). But in my case apache starts mapserver-processes, and that number have to be limited.

What's the exact line you have in limits.conf? Update the question with it if you could. — Ken Simon, Dec 08 '10 at 14:50
There is a similar question on serverfault: how to limit the number of simultaneous processes ? — Lekensteyn, Dec 08 '10 at 14:53
Logout all instances of myuser before testing,as the limits are set upon login.Also see this http://ss64.com/bash/limits.conf.html — karthick87, Dec 08 '10 at 15:35
/etc/security/limits.conf is a configuration file for PAM's pam_limits module, but Apache isn't spawning processes through PAM, so it will have no effect. — Kees Cook, Dec 08 '10 at 21:32

score 1 · Answer 1 · answered Dec 08 '10 at 23:53

1

This is not the ideal solution because it can interfere with apache upgrades, but it should work.

Edit /etc/init.d/apache2, on the top of the script (new line after the #!/bin/sh) add the required ulimit, example:

ulimit -u 1024

answered Dec 08 '10 at 23:53

João Pinto

17,343

How to restrict the number of processes a user can start?

1 Answers1