Re: [PATCH 3/3] KEYS: Make the keyring quotas controllable through/proc/sys
From: Andrew Morton
Date: Wed Mar 19 2008 - 16:37:33 EST
On Thu, 13 Mar 2008 19:14:42 +0000
David Howells <dhowells@xxxxxxxxxx> wrote:
> Make the keyring quotas controllable through /proc/sys files:
>
> (*) /proc/sys/kernel/keys/root_maxkeys
> /proc/sys/kernel/keys/root_maxbytes
>
> Maximum number of keys that root may have and the maximum total number of
> bytes of data that root may have stored in those keys.
>
> (*) /proc/sys/kernel/keys/maxkeys
> /proc/sys/kernel/keys/maxbytes
>
> Maximum number of keys that each non-root user may have and the maximum
> total number of bytes of data that each of those users may have stored in
> their keys.
>
> Also increase the quotas as a number of people have been complaining that it's
> not big enough. I'm not sure that it's big enough now either, but on the
> other hand, it can now be set in /etc/sysctl.conf.
>
> ...
>
> include/linux/key.h | 5 +++++
> kernel/sysctl.c | 9 +++++++++
> security/keys/Makefile | 1 +
> security/keys/internal.h | 14 ++++++++++----
> security/keys/key.c | 23 ++++++++++++++++++-----
> security/keys/keyctl.c | 12 +++++++++---
> security/keys/proc.c | 9 ++++++---
> 7 files changed, 58 insertions(+), 15 deletions(-)
>
> ...
>
> --- a/security/keys/Makefile
> +++ b/security/keys/Makefile
> @@ -14,3 +14,4 @@ obj-y := \
>
> obj-$(CONFIG_KEYS_COMPAT) += compat.o
> obj-$(CONFIG_PROC_FS) += proc.o
> +obj-$(CONFIG_SYSCTL) += sysctl.o
Could we please have a copy of sysctl.c? The boring old build system seems
to think it's important.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/