diff options
author | Ricardo Wurmus <rekado@elephly.net> | 2015-10-12 07:11:51 +0200 |
---|---|---|
committer | Ricardo Wurmus <rekado@elephly.net> | 2016-07-19 23:50:03 +0200 |
commit | 909147e43f8c9f8c9b9d33597d5dd83facca699c (patch) | |
tree | 6cc5d029757ca6bcf241423c37062b4745a8778b /doc | |
parent | 8e9ba611cbc3c0c7425d44ade0ad5e603d680ff6 (diff) | |
download | guix-909147e43f8c9f8c9b9d33597d5dd83facca699c.tar.gz |
services: Add pam-limits-service.
* gnu/system/pam.scm (<pam-limits-entry>): New record type. (pam-limits-entry, pam-limits-entry->string): New procedures. * gnu/services/base.scm (pam-limits-service-type): New variable. (pam-limits-service): New procedure. * doc/guix.texi (Base Services): Document it.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/guix.texi | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index 1c4d57c811..7ea9ddfe35 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -17,6 +17,7 @@ Copyright @copyright{} 2015, 2016 Mathieu Lirzin@* Copyright @copyright{} 2014 Pierre-Antoine Rault@* Copyright @copyright{} 2015 Taylan Ulrich Bayırlı/Kammer@* Copyright @copyright{} 2015, 2016 Leo Famulari@* +Copyright @copyright{} 2015, 2016 Ricardo Wurmus@* Copyright @copyright{} 2016 Ben Woodcroft@* Copyright @copyright{} 2016 Chris Marusich@* Copyright @copyright{} 2016 Efraim Flashner @@ -7570,6 +7571,35 @@ to add @var{device} to the kernel's entropy pool. The service will fail if @var{device} does not exist. @end deffn +@anchor{pam-limits-service} +@cindex session limits +@cindex ulimit +@cindex priority +@deffn {Scheme Procedure} pam-limits-service [#:limits @var{limits}] + +Return a service that installs a configuration file for the +@uref{http://linux-pam.org/Linux-PAM-html/sag-pam_limits.html, +@code{pam_limits} module}. The procedure optionally takes a list of +@code{pam-limits-entry} values, which can be used to specify +@code{ulimit} limits and nice priority limits to user sessions. + +The following limits definition sets two hard and soft limits for all +login sessions of users in the @code{realtime} group: + +@example +(pam-limits-service + (list + (pam-limits-entry "@@realtime" 'both 'rtprio 99) + (pam-limits-entry "@@realtime" 'both 'memlock 'unlimited))) +@end example + +The first entry increases the maximum realtime priority for +non-privileged processes; the second entry lifts any restriction of the +maximum address space that can be locked in memory. These settings are +commonly used for real-time audio systems. +@end deffn + + @node Scheduled Job Execution @subsubsection Scheduled Job Execution |