I usually ad this to the bottom of /etc/security/limits.conf * soft nofile 4096 * hard nofile 8192
and I set the ulimits in /etc/profile. This seems to do the trick for me. Now, if only I could increase the number of threads I can run with IBM Java. As soon as you dick about with libc to increase the system threads, it coredumps. -- Ian Cass ----- Original Message ----- From: "Wayne Tucker" <[EMAIL PROTECTED]> To: "Russell Coker" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, March 12, 2002 8:03 PM Subject: Re: maximum number of processes on kernel 2.4.x > On Tue, Mar 12, 2002 at 12:15:26PM +0100, Russell Coker wrote: > > BTW, why exactly do you need to have so many root owned processes? > > > > Every root owned process is a potential security hole. Is it possible to > > make some of these things use non-root? > > The server is running CommuniGate Pro, which must be run as root. I'm > not particularly comfortable with the idea myself, but since the > server is only doing email, then if somebody compromises the mail > software, they have control over everything important that happens on > the server anyhow. > > It looks like the real problem was actually the pam_limits module that > is being loaded from the various pam.d configuration files. It was > doing a setrlimit(RLIMIT_NPROC, 256), which resulted in it not being > able to perform the various setuid/setgid calls and whatnot and then > spawn the login shell. > > Thanks again for your help, > > Wayne > > > -- > Wayne A. Tucker - [EMAIL PROTECTED] > Network Engineer, Donobi Inc. > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
