<HTML ><HEAD ><TITLE >Advanced Host Configuration</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK REL="HOME" TITLE="Connecting X Terminals to Linux Mini-HOWTO" HREF="index.html"><LINK REL="PREVIOUS" TITLE="Basic Host Configuration" HREF="configuration.html"><LINK REL="NEXT" TITLE="Client Configuration" HREF="client.html"></HEAD ><BODY CLASS="SECT1" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >Connecting X Terminals to Linux Mini-HOWTO</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="configuration.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" ></TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="client.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="SECT1" ><H1 CLASS="SECT1" ><A NAME="ADVANCED" ></A >5. Advanced Host Configuration</H1 ><P >The section addresses some optional configuration options that may improve performance on a Linux X Host.</P ><DIV CLASS="SECT2" ><H2 CLASS="SECT2" ><A NAME="LIMITSCONF" ></A >5.1. Setting User and Group Limits</H2 ><P >One of the dangers associated with the thin client model is that a runaway process might eat up all of the available system memory and/or cpu on the host system. When this happens, the performance on that system can degrade resulting in system hangs, freezes, and a host of other generally undesirable consequences.</P ><P >Fortunately, Linux comes with a set of facilities to mitigate these kinds of problems. The first tool that we will look at is the limits.conf file located in /etc/security. limits.conf provides the ability to specify user and group level limits to certain types of system resources, including memory. Limits set in this file are set on a per user or per group basis. Though there are many limits that can be set in this file, we will address only a few in this tutorial. </P ><P >The basic syntax for limits.conf consists of individual lines with values of the following types: (domain) (type) (item) (value) where domain is user or group, type refers to a hard or soft limit, item refers to the resource being limited and value referring to the value associated with the limit being set. For example, setting the following value:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="100%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >guest hard priority 19</PRE ></FONT ></TD ></TR ></TABLE ><P >places a hard limit on the priority with which jobs are scheduled for a user named 'guest'. In this case, guest is always scheduled at the lowest possible priority.</P ><P >As another example, to set a max cpu time of 10 minutes for user guest, set the following value:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="100%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >guest hard cpu 10</PRE ></FONT ></TD ></TR ></TABLE ><P >As a final example, to set a limit of 3 failed logins for a group called guest, set the following value:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="100%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >@guest hard maxlogins 3</PRE ></FONT ></TD ></TR ></TABLE ></DIV ><DIV CLASS="SECT2" ><H2 CLASS="SECT2" ><A NAME="MORELIMITS" ></A >5.2. More Limits</H2 ><P >A second method for limiting the potential impact of runaway proceses is to set limits on a per process basis. This can be achieved by setting the ulimit command in <TT CLASS="FILENAME" >/etc/profile</TT >. </P ><P >To set a soft limit on the maximum amount of memory available to a given process to a value that is less than the total amount of memory on the system on a system with 1 gig of real memory and 500 megs of virtual memory you would set the following values in <TT CLASS="FILENAME" >/etc/profile</TT >:</P ><TABLE BORDER="1" BGCOLOR="#E0E0E0" WIDTH="100%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="SCREEN" >ulimit -S -m 1000000 ulimit -S -v 500000</PRE ></FONT ></TD ></TR ></TABLE ><P >With this value set, the system will kill any process that tries to take up more resources than you have set as a limit. </P ></DIV ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="configuration.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="client.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >Basic Host Configuration</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" > </TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >Client Configuration</TD ></TR ></TABLE ></DIV ></BODY ></HTML >