On Tue, May 13, 2003 at 04:09:58PM -0500, Jay Kline wrote:
> give it).  I know there must be some way to limit a process's memory
> usage- at least enough to protect the kernel better.

Use limit. ;-)  Create a system user account and a dedicated group for
the application.  Use the group or user to limit the system resources
through pam_limits.so.  The configuration file for pam_limits.so is
found in /etc/security/limits.conf.  The syntax is fairly straight
forward, and you should fine reference to it fairly easily with your
distribution.

To use pam_limits.so, add it to the service file found in /etc/pam.d.
For example, if this application is being called via ssh from some
remote machine.  Add the following line to /etc/pam.d/ssh:

    session required    pam_limits.so

-- 
Chad Walstrom <chewie at wookimus.net>           http://www.wookimus.net/
           assert(expired(knowledge)); /* core dump */
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: not available
Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20030513/41069536/attachment.pgp