summary refs log tree commit diff
path: root/doc
diff options
context:
space:
mode:
authorRicardo Wurmus <rekado@elephly.net>2015-10-12 07:11:51 +0200
committerRicardo Wurmus <rekado@elephly.net>2016-07-19 23:50:03 +0200
commit909147e43f8c9f8c9b9d33597d5dd83facca699c (patch)
tree6cc5d029757ca6bcf241423c37062b4745a8778b /doc
parent8e9ba611cbc3c0c7425d44ade0ad5e603d680ff6 (diff)
downloadguix-909147e43f8c9f8c9b9d33597d5dd83facca699c.tar.gz
services: Add pam-limits-service.
* gnu/system/pam.scm (<pam-limits-entry>): New record type.
(pam-limits-entry, pam-limits-entry->string): New procedures.
* gnu/services/base.scm (pam-limits-service-type): New variable.
(pam-limits-service): New procedure.
* doc/guix.texi (Base Services): Document it.
Diffstat (limited to 'doc')
-rw-r--r--doc/guix.texi30
1 files changed, 30 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 1c4d57c811..7ea9ddfe35 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -17,6 +17,7 @@ Copyright @copyright{} 2015, 2016 Mathieu Lirzin@*
 Copyright @copyright{} 2014 Pierre-Antoine Rault@*
 Copyright @copyright{} 2015 Taylan Ulrich Bayırlı/Kammer@*
 Copyright @copyright{} 2015, 2016 Leo Famulari@*
+Copyright @copyright{} 2015, 2016 Ricardo Wurmus@*
 Copyright @copyright{} 2016 Ben Woodcroft@*
 Copyright @copyright{} 2016 Chris Marusich@*
 Copyright @copyright{} 2016 Efraim Flashner
@@ -7570,6 +7571,35 @@ to add @var{device} to the kernel's entropy pool.  The service will fail if
 @var{device} does not exist.
 @end deffn
 
+@anchor{pam-limits-service}
+@cindex session limits
+@cindex ulimit
+@cindex priority
+@deffn {Scheme Procedure} pam-limits-service [#:limits @var{limits}]
+
+Return a service that installs a configuration file for the
+@uref{http://linux-pam.org/Linux-PAM-html/sag-pam_limits.html,
+@code{pam_limits} module}.  The procedure optionally takes a list of
+@code{pam-limits-entry} values, which can be used to specify
+@code{ulimit} limits and nice priority limits to user sessions.
+
+The following limits definition sets two hard and soft limits for all
+login sessions of users in the @code{realtime} group:
+
+@example
+(pam-limits-service
+ (list
+  (pam-limits-entry "@@realtime" 'both 'rtprio 99)
+  (pam-limits-entry "@@realtime" 'both 'memlock 'unlimited)))
+@end example
+
+The first entry increases the maximum realtime priority for
+non-privileged processes; the second entry lifts any restriction of the
+maximum address space that can be locked in memory.  These settings are
+commonly used for real-time audio systems.
+@end deffn
+
+
 @node Scheduled Job Execution
 @subsubsection Scheduled Job Execution