Limit memory usage per account

[CyberCr33p]

I want to limit the max memory per account (mostly for PHP-FPM). I found that this can be done using login.conf and by RCTL. I think that login.conf is used only when a user logins using the shell. PHP-FPM processes run without the user login so the only way is with RCTL, right?

 

[a6h]

limits(1)

 

[covacat]

if you start php via daemon -u it will use setusercontext(3) and will set the limits
for std rc.d launch
${name}_login_class n Login class to use, else "daemon". (see /etc/rc.subr)
where $name is php_fpm?

 

[CyberCr33p]

PHP-FPM runs a master process as root and creates child processes running per user id. I only want to limit these child processes not per process but by user account.

 

[covacat]

you probably have to patch sapi/fpm/fpm/fpm_unix.c and replace the setuid call to a setusercontext call
you can create a patch file to put into the port files dir for future builds

 

[CyberCr33p]

It isn't possible to use RCTL for this?

 

[covacat]

It isn't possible to use RCTL for this?

looks possible, I never used it

 

[Alain De Vos]

man rctl