=================================
Documentation for /proc/sys/user/
=================================

kernel version 4.9.0

Copyright (c) 2016 Eric Biederman <ebiederm@xmission.com>

------------------------------------------------------------------------------

This file contains the documentation for the sysctl files in
/proc/sys/user.

The files in this directory can be used to override the default
limits on the number of namespaces and other objects that have
per-user, per-user-namespace limits.

The primary purpose of these limits is to stop programs that
malfunction and attempt to create a ridiculous number of objects,
before the malfunction becomes a system-wide problem. It is the
intention that the defaults of these limits are set high enough that
no program in normal operation should run into these limits.

The creation of per-user, per-user-namespace objects is charged to
the user in the user namespace who created the object and
verified to be below the per-user limit in that user namespace.

The creation of objects is also charged to all of the users
who created the user namespaces in which the object is created
(user namespaces can be nested), and verified to be below the per-user
limits in the user namespaces of those users.

This recursive counting of created objects ensures that creating a
user namespace does not allow a user to escape their current limits.
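
The recursive charging described above, as a simplified single-threaded
user-space model. This is an added illustration, not the kernel's code: the
names (ucounts, user_ns, charge, simulate) and the scenario values are
assumptions made for the example.

```c
#include <stdio.h>
struct ucounts {               /* objects charged to one user in one user namespace */
    struct user_ns *ns;
    int count;
};
struct user_ns {
    int max;                   /* this namespace's max_net_namespaces value */
    struct ucounts *creator;   /* creator's counter in the parent; NULL in the initial ns */
};

/* Charge one object to uc and to the creator of every enclosing user
 * namespace. All-or-nothing: a refusal at any level undoes the levels below. */
static int charge(struct ucounts *uc)
{
    struct ucounts *it, *bad;
    for (it = uc; it; it = it->ns->creator) {
        if (it->count >= it->ns->max)
            goto fail;
        it->count++;
    }
    return 1;
fail:
    bad = it;
    for (it = uc; it != bad; it = it->ns->creator)
        it->count--;
    return 0;
}

struct result { int created, inner_count, outer_count; };

/* Constructed scenario: user "alice" in the initial namespace creates a child
 * user namespace; uid 0 inside it then tries to create `attempts` objects. */
struct result simulate(int init_max, int child_max, int attempts)
{
    struct user_ns init_ns = { init_max, NULL };
    struct ucounts alice = { &init_ns, 0 };
    struct user_ns child = { child_max, &alice };
    struct ucounts root_in_child = { &child, 0 };
    int created = 0;
    for (int i = 0; i < attempts; i++)
        created += charge(&root_in_child);
    return (struct result){ created, root_in_child.count, alice.count };
}

int main(void)
{
    struct result r = simulate(3, 100, 10);  /* child limit 100, outer limit 3 */
    printf("created=%d inner=%d outer=%d\n", r.created, r.inner_count, r.outer_count);
}
```

With an outer limit of 3 and a limit of 100 inside the child namespace, only 3
of the 10 attempts succeed, and the refused attempts leave both counters at 3.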

Currently, these files are in /proc/sys/user:

max_cgroup_namespaces
=====================

The maximum number of cgroup namespaces that any user in the current
user namespace may create.

max_ipc_namespaces
==================

The maximum number of ipc namespaces that any user in the current
user namespace may create.

max_mnt_namespaces
==================

The maximum number of mount namespaces that any user in the current
user namespace may create.

max_net_namespaces
==================

The maximum number of network namespaces that any user in the
current user namespace may create.

max_pid_namespaces
==================

The maximum number of pid namespaces that any user in the current
user namespace may create.

max_time_namespaces
===================

The maximum number of time namespaces that any user in the current
user namespace may create.

max_user_namespaces
===================

The maximum number of user namespaces that any user in the current
user namespace may create.

max_uts_namespaces
==================

The maximum number of uts namespaces that any user in the current
user namespace may create.