forked from Qortal/Brooklyn
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
84 lines
2.5 KiB
84 lines
2.5 KiB
================================= |
|
Documentation for /proc/sys/user/ |
|
================================= |
|
|
|
kernel version 4.9.0 |
|
|
|
Copyright (c) 2016 Eric Biederman <[email protected]> |
|
|
|
------------------------------------------------------------------------------ |
|
|
|
This file contains the documentation for the sysctl files in |
|
/proc/sys/user. |
|
|
|
The files in this directory can be used to override the default |
|
limits on the number of namespaces and other objects that have |
|
per user per user namespace limits. |
|
|
|
The primary purpose of these limits is to stop programs that |
|
malfunction and attempt to create a ridiculous number of objects, |
|
before the malfunction becomes a system wide problem. It is the |
|
intention that the defaults of these limits are set high enough that |
|
no program in normal operation should run into these limits. |
|
|
|
The creation of per user per user namespace objects are charged to |
|
the user in the user namespace who created the object and |
|
verified to be below the per user limit in that user namespace. |
|
|
|
The creation of objects is also charged to all of the users |
|
who created user namespaces the creation of the object happens |
|
in (user namespaces can be nested) and verified to be below the per user |
|
limits in the user namespaces of those users. |
|
|
|
This recursive counting of created objects ensures that creating a |
|
user namespace does not allow a user to escape their current limits. |
|
|
|
Currently, these files are in /proc/sys/user: |
|
|
|
max_cgroup_namespaces |
|
===================== |
|
|
|
The maximum number of cgroup namespaces that any user in the current |
|
user namespace may create. |
|
|
|
max_ipc_namespaces |
|
================== |
|
|
|
The maximum number of ipc namespaces that any user in the current |
|
user namespace may create. |
|
|
|
max_mnt_namespaces |
|
================== |
|
|
|
The maximum number of mount namespaces that any user in the current |
|
user namespace may create. |
|
|
|
max_net_namespaces |
|
================== |
|
|
|
The maximum number of network namespaces that any user in the |
|
current user namespace may create. |
|
|
|
max_pid_namespaces |
|
================== |
|
|
|
The maximum number of pid namespaces that any user in the current |
|
user namespace may create. |
|
|
|
max_time_namespaces |
|
=================== |
|
|
|
The maximum number of time namespaces that any user in the current |
|
user namespace may create. |
|
|
|
max_user_namespaces |
|
=================== |
|
|
|
The maximum number of user namespaces that any user in the current |
|
user namespace may create. |
|
|
|
max_uts_namespaces |
|
================== |
|
|
|
The maximum number of user namespaces that any user in the current |
|
user namespace may create.
|
|
|