diff options
| -rw-r--r-- | doc/guix.texi | 37 | ||||
| -rw-r--r-- | gnu/packages/benchmark.scm | 2 | ||||
| -rw-r--r-- | gnu/services/base.scm | 8 |
3 files changed, 28 insertions, 19 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index c49e51b72e..c5f5558e2c 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -18959,7 +18959,6 @@ will fail if @var{device} does not exist. @end table @end deftp -@anchor{pam-limits-service} @cindex session limits @cindex ulimit @cindex priority @@ -18967,22 +18966,28 @@ will fail if @var{device} does not exist. @cindex jackd @cindex nofile @cindex open file descriptors -@deffn {Scheme Procedure} pam-limits-service [#:limits @code{'()}] - -Return a service that installs a configuration file for the +@anchor{pam-limits-service-type} +@defvar pam-limits-service-type +Type of the service that installs a configuration file for the @uref{http://linux-pam.org/Linux-PAM-html/sag-pam_limits.html, -@code{pam_limits} module}. The procedure optionally takes a list of -@code{pam-limits-entry} values, which can be used to specify -@code{ulimit} limits and @code{nice} priority limits to user sessions. +@code{pam_limits} module}. The value for this service type is +a file-like object containing a list of @code{pam-limits-entry} values +which can be used to specify @code{ulimit} limits and @code{nice} +priority limits to user sessions. The following limits definition sets two hard and soft limits for all login sessions of users in the @code{realtime} group: @lisp -(pam-limits-service - (list - (pam-limits-entry "@@realtime" 'both 'rtprio 99) - (pam-limits-entry "@@realtime" 'both 'memlock 'unlimited))) +(service + pam-limits-service-type + (plain-file + "limits.conf" + (string-join + (map pam-limits-entry->string + (list (pam-limits-entry "@@realtime" 'both 'rtprio 99) + (pam-limits-entry "@@realtime" 'both 'memlock 'unlimited))) + "\n"))) @end lisp The first entry increases the maximum realtime priority for @@ -18994,9 +18999,11 @@ Another useful example is raising the maximum number of open file descriptors that can be used: @lisp -(pam-limits-service - (list - (pam-limits-entry "*" 'both 'nofile 100000))) +(service + pam-limits-service-type + (plain-file + "limits.conf" + (pam-limits-entry->string (pam-limits-entry "*" 'both 'nofile 100000)))) @end lisp In the above example, the asterisk means the limit should apply to any @@ -19005,7 +19012,7 @@ maximum system value visible in the @file{/proc/sys/fs/file-max} file, else the users would be prevented from login in. For more information about the Pluggable Authentication Module (PAM) limits, refer to the @samp{pam_limits} man page from the @code{linux-pam} package. -@end deffn +@end defvar @defvar greetd-service-type @uref{https://git.sr.ht/~kennylevinsen/greetd, @code{greetd}} is a minimal and diff --git a/gnu/packages/benchmark.scm b/gnu/packages/benchmark.scm index 33e2466da9..fd8513f41d 100644 --- a/gnu/packages/benchmark.scm +++ b/gnu/packages/benchmark.scm @@ -458,7 +458,7 @@ test any system or protocol. Note: Locust will complain if the available open file descriptors limit for the user is too low. To raise such limit on a Guix System, refer to -@samp{info guix --index-search=pam-limits-service}.") +@samp{info guix --index-search=pam-limits-service-type}.") (license license:expat))) (define-public interbench diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 5b0b3bb0ab..acbfb879fc 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -246,7 +246,7 @@ kmscon-service-type pam-limits-service-type - pam-limits-service + pam-limits-service ; deprecated greetd-service-type greetd-configuration @@ -1616,9 +1616,11 @@ information on the configuration file syntax." (description "Install the specified resource usage limits by populating @file{/etc/security/limits.conf} and using the @code{pam_limits} -authentication module.")))) +authentication module.") + (default-value (plain-file "limits.conf" ""))))) -(define* (pam-limits-service #:optional (limits '())) +(define-deprecated (pam-limits-service #:optional (limits '())) + pam-limits-service-type "Return a service that makes selected programs respect the list of pam-limits-entry specified in LIMITS via pam_limits.so." (service pam-limits-service-type |