From cf2fc5ff7b4a8555fda2a5ebe5f6ab0e45c22996 Mon Sep 17 00:00:00 2001 From: Stefan Schubert Date: Tue, 25 Oct 2022 16:29:41 +0200 Subject: doc: Update PAM documentation from DockBook 4 to DocBook 5 Changed files -------------- Make.xml.rules.in: - Using RNG file instead of DTD file for checking XML files. - Taking the correct stylesheet for README files. doc/sag/Makefile.am, doc/adg/Makefile.am, doc/mwg/Makefile.am: - Using RNG file instead of DTD file for checking XML files. configure.ac: - Adding a new option for selecting RNG check file (-enable-docbook-rng) - Switching stylesheets to docbook 5 - Checking DocBook 5 environment instead of DocBook 4 environment *.xml: Update from DockBook 4 to DocBook 5 --- modules/pam_limits/README.xml | 32 +++------- modules/pam_limits/limits.conf.5.xml | 111 ++++++++++++++++------------------- modules/pam_limits/pam_limits.8.xml | 55 ++++++++--------- 3 files changed, 86 insertions(+), 112 deletions(-) (limited to 'modules/pam_limits') diff --git a/modules/pam_limits/README.xml b/modules/pam_limits/README.xml index 964a5a21..25a463cc 100644 --- a/modules/pam_limits/README.xml +++ b/modules/pam_limits/README.xml @@ -1,39 +1,23 @@ - - ---> - -]> +
-
- - + - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_limits.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_limits-name"]/*)'/> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_limits.8.xml" xpointer='xpointer(id("pam_limits-name")/*)'/> - +
- +
- +
- +
-
+
\ No newline at end of file diff --git a/modules/pam_limits/limits.conf.5.xml b/modules/pam_limits/limits.conf.5.xml index c5bd6768..2177da1f 100644 --- a/modules/pam_limits/limits.conf.5.xml +++ b/modules/pam_limits/limits.conf.5.xml @@ -1,13 +1,10 @@ - - - - + limits.conf 5 - Linux-PAM Manual + Linux-PAM + Linux-PAM Manual @@ -15,7 +12,7 @@ configuration file for the pam_limits module - + DESCRIPTION The pam_limits.so module applies ulimit limits, @@ -38,7 +35,7 @@ - + <domain> @@ -49,38 +46,35 @@ - a groupname, with @group syntax. + a groupname, with @group syntax. This should not be confused with netgroups. - the wildcard *, for default entry. + the wildcard *, for default entry. - the wildcard %, for maxlogins limit only, - can also be used with %group syntax. If the - % wildcard is used alone it is identical - to using * with maxsyslogins limit. With - a group specified after % it limits the total + the wildcard %, for maxlogins limit only, + can also be used with %group syntax. If the + % wildcard is used alone it is identical + to using * with maxsyslogins limit. With + a group specified after % it limits the total number of logins of all users that are member of the group. - an uid range specified as <min_uid>:<max_uid>. If min_uid + an uid range specified as <min_uid>:<max_uid>. If min_uid is omitted, the match is exact for the max_uid. If max_uid is omitted, all uids greater than or equal min_uid match. - a gid range specified as @<min_gid>:<max_gid>. If min_gid + a gid range specified as @<min_gid>:<max_gid>. If min_gid is omitted, the match is exact for the max_gid. If max_gid is omitted, all gids greater than or equal min_gid match. For the exact match all groups including the user's supplementary groups are examined. For the range matches only @@ -89,8 +83,7 @@ - a gid specified as %:<gid> applicable + a gid specified as %:<gid> applicable to maxlogins limit only. It limits the total number of logins of all users that are member of the group with the specified gid. @@ -101,38 +94,38 @@ - + <type> - + hard - for enforcing hard resource limits. + for enforcing hard resource limits. These limits are set by the superuser and enforced by the Kernel. The user cannot raise his requirement of system resources above such values. - + soft - for enforcing soft resource limits. + for enforcing soft resource limits. These limits are ones that the user can move up or down within the - permitted range by any pre-existing hard + permitted range by any pre-existing hard limits. The values specified with this token can be thought of as default values, for normal system usage. - + - - for enforcing both soft and - hard resource limits together. + for enforcing both soft and + hard resource limits together. Note, if you specify a type of '-' but neglect to supply the @@ -147,79 +140,79 @@ - + <item> - + core limits the core file size (KB) - + data maximum data size (KB) - + fsize maximum filesize (KB) - + memlock maximum locked-in-memory address space (KB) - + nofile maximum number of open file descriptors - + rss maximum resident set size (KB) (Ignored in Linux 2.4.30 and higher) - + stack maximum stack size (KB) - + cpu maximum CPU time (minutes) - + nproc maximum number of processes - + as address space limit (KB) - + maxlogins maximum number of logins for this user (this limit does not apply to user with uid=0) - + maxsyslogins maximum number of all logins on system; user is not allowed to log-in if total number of all user logins is @@ -228,46 +221,46 @@ - + nonewprivs value of 0 or 1; if set to 1 disables acquiring new privileges by invoking prctl(PR_SET_NO_NEW_PRIVS) - + priority the priority to run user process with (negative values boost process priority) - + locks maximum locked files (Linux 2.4 and higher) - + sigpending maximum number of pending signals (Linux 2.6 and higher) - + msgqueue maximum memory used by POSIX message queues (bytes) (Linux 2.6 and higher) - + nice maximum nice priority allowed to raise to (Linux 2.6.12 and higher) values: [-20,19] - + rtprio maximum realtime priority allowed for non-privileged processes (Linux 2.6.12 and higher) @@ -281,9 +274,9 @@ All items support the values -1, unlimited or infinity indicating no limit, - except for priority, nice, - and nonewprivs. - If nofile is to be set to one of these values, + except for priority, nice, + and nonewprivs. + If nofile is to be set to one of these values, it will be set to the contents of /proc/sys/fs/nr_open instead (see setrlimit(3)). @@ -309,7 +302,7 @@ In the limits configuration file, the - '#' character introduces a comment + '#' character introduces a comment - after which the rest of the line is ignored. @@ -319,7 +312,7 @@ - + EXAMPLES These are some example lines which might be specified in @@ -340,7 +333,7 @@ ftp hard nproc 0 - + SEE ALSO pam_limits8, @@ -351,10 +344,10 @@ ftp hard nproc 0 - + AUTHOR pam_limits was initially written by Cristian Gafton <gafton@redhat.com> - + \ No newline at end of file diff --git a/modules/pam_limits/pam_limits.8.xml b/modules/pam_limits/pam_limits.8.xml index 422924fe..cca046cc 100644 --- a/modules/pam_limits/pam_limits.8.xml +++ b/modules/pam_limits/pam_limits.8.xml @@ -1,16 +1,13 @@ - - - - + pam_limits 8 - Linux-PAM Manual + Linux-PAM + Linux-PAM Manual - + pam_limits PAM module to limit resources @@ -20,28 +17,28 @@ - + pam_limits.so - + conf=/path/to/limits.conf - + debug - + set_all - + utmp_early - + noaudit - + DESCRIPTION The pam_limits PAM module sets limits on the system resources that can be @@ -84,12 +81,12 @@ - + OPTIONS - + conf=/path/to/limits.conf @@ -100,7 +97,7 @@ - + debug @@ -110,7 +107,7 @@ - + set_all @@ -124,7 +121,7 @@ - + utmp_early @@ -139,7 +136,7 @@ - + noaudit @@ -150,14 +147,14 @@ - + MODULE TYPES PROVIDED Only the module type is provided. - + RETURN VALUES @@ -219,17 +216,17 @@ - + FILES - /etc/security/limits.conf + /etc/security/limits.conf Default configuration file - %vendordir%/security/limits.conf + %vendordir%/security/limits.conf Default configuration file if /etc/security/limits.conf does not exist. @@ -238,7 +235,7 @@ - + EXAMPLES For the services you need resources limits (login for example) put a @@ -257,7 +254,7 @@ session required pam_limits.so - + SEE ALSO @@ -272,10 +269,10 @@ session required pam_limits.so - + AUTHORS pam_limits was initially written by Cristian Gafton <gafton@redhat.com> - + \ No newline at end of file -- cgit v1.2.3