9 vuotta sitten · d0a29e79ef
--- a/README.rst
+++ b/README.rst
@@ -106,6 +106,22 @@ Linux with cron jobs
            hour: 2
            minute: 0

 Linux security limits (limit sensu user memory usage to max 1GB):

 .. code-block:: yaml

    linux:
      system:
        ...
        limit:
          sensu:
            enabled: true
            domain: sensu
            limits:
              - type: hard
                item: as
                value: 1000000

 Enable autologin on tty1 (may work only for Ubuntu 14.04):

 .. code-block:: yaml
--- a/linux/files/limits.conf
+++ b/linux/files/limits.conf
@@ -0,0 +1,9 @@
 {%- from "linux/map.jinja" import system with context %}
 {%- set limit = system.limit.get(limit_name) %}
 # Limits for {{ limit.domain }}

 {%- for entry in limit.limits %}
 {{ limit.domain }} {{ entry.type }} {{ entry.item }} {{ entry.value }}
 {%- endfor %}

 {%- endfor %}
--- a/linux/map.jinja
+++ b/linux/map.jinja
@@ -5,6 +5,7 @@
        'user': {},
        'group': {},
        'job': {},
        'limit': {},
        'repo': {},
        'package': {},
        'selinux': 'permissive',
@@ -16,6 +17,7 @@
        'user': {},
        'group': {},
        'job': {},
        'limit': {},
        'repo': {},
        'package': {},
        'selinux': 'permissive',
@@ -27,6 +29,7 @@
        'user': {},
        'group': {},
        'job': {},
        'limit': {},
        'repo': {},
        'package': {},
        'selinux': 'permissive',
--- a/linux/system/init.sls
+++ b/linux/system/init.sls
@@ -39,3 +39,6 @@ include:
 {%- if system.doc is defined %}
 - linux.system.doc
 {%- endif %}
 {%- if system.limit|length > 0 %}
 - linux.system.limit
 {%- endif %}
--- a/linux/system/limit.sls
+++ b/linux/system/limit.sls
@@ -0,0 +1,21 @@
 {%- from "linux/map.jinja" import system with context %}
 {%- if system.enabled %}

 {%- for name, limit in system.limit.iteritems() %}

 linux_limit_{{ name }}:
  {%- if limit.get('enabled', True) %}
  file.managed:
    - name: /etc/security/limits.d/90-salt-{{ name }}.conf
    - source: salt://linux/files/limits.conf
    - template: jinja
    - defaults:
        limit_name: {{ name }}
  {%- else %}
  file.absent:
    - name: /etc/security/limits.d/90-salt-{{ name }}.conf
  {%- endif %}

 {%- endfor %}

 {%- endif %}