The entry openfiles-cur=1024 is overriding the entry openfiles=1024.
Note that openfiles=value sets both openfiles-max=value and
openfiles-cur=value.
The setting openfiles-max setting is the upper limit which can only be
changed by root while any user can change their own openfiles-cur up the
maximum value set previously. You will either need to increase
openfiles-cur or remove it completely and only have openfiles=4096.
All this info and more is contained in login.conf(5) and getrlimit(2).
However, I believe the recommended practice would be to create a new
login class, called 'relayd' say, that inherits from the daemon class.
This is specified using the entry: tc=daemon. Otherwise, every process
running as a user in the daemon class will have these heightened
privileges - and there's a lot of them.
Regards,
JP
No comments:
Post a Comment