[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20080318170438.e4121982.akpm@linux-foundation.org>
Date: Tue, 18 Mar 2008 17:04:38 -0700
From: Andrew Morton <akpm@...ux-foundation.org>
To: David Howells <dhowells@...hat.com>
Cc: torvalds@...ux-foundation.org, kwc@...i.umich.edu,
arunsr@....iitk.ac.in, dwalsh@...hat.com,
linux-security-module@...r.kernel.org, dhowells@...hat.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 3/3] KEYS: Make the keyring quotas controllable through
/proc/sys
On Thu, 13 Mar 2008 19:14:42 +0000
David Howells <dhowells@...hat.com> wrote:
> Make the keyring quotas controllable through /proc/sys files:
>
> (*) /proc/sys/kernel/keys/root_maxkeys
> /proc/sys/kernel/keys/root_maxbytes
>
> Maximum number of keys that root may have and the maximum total number of
> bytes of data that root may have stored in those keys.
>
> (*) /proc/sys/kernel/keys/maxkeys
> /proc/sys/kernel/keys/maxbytes
>
> Maximum number of keys that each non-root user may have and the maximum
> total number of bytes of data that each of those users may have stored in
> their keys.
>
> Also increase the quotas as a number of people have been complaining that it's
> not big enough. I'm not sure that it's big enough now either, but on the
> other hand, it can now be set in /etc/sysctl.conf.
>
> ...
>
> include/linux/key.h | 5 +++++
> kernel/sysctl.c | 9 +++++++++
> security/keys/Makefile | 1 +
> security/keys/internal.h | 14 ++++++++++----
> security/keys/key.c | 23 ++++++++++++++++++-----
> security/keys/keyctl.c | 12 +++++++++---
> security/keys/proc.c | 9 ++++++---
> 7 files changed, 58 insertions(+), 15 deletions(-)
>
> ...
>
> --- a/security/keys/Makefile
> +++ b/security/keys/Makefile
> @@ -14,3 +14,4 @@ obj-y := \
>
> obj-$(CONFIG_KEYS_COMPAT) += compat.o
> obj-$(CONFIG_PROC_FS) += proc.o
> +obj-$(CONFIG_SYSCTL) += sysctl.o
Could we please have a copy of sysctl.c? The boring old build system seems
to think it's important.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists