pid1: make MaxConnectionsPerSource= also work for AF_UNIX sockets

The setting currently puts limits on connections per IP address and
AF_UNIX CID. Let's extend it to cover AF_UNIX too, where it puts a limit
on connections per UID.

This is particularly useful for the various Accept=yes Varlink services
we now have, as it means the number of per-user instance services
cannot grow without bounds.
Lennart Poettering
2024-02-07 10:11:44 +01:00
parent f43330eace
commit 48930a5ded
2 changed files with 38 additions and 13 deletions

@@ -470,9 +470,10 @@
<varlistentry>
<term><varname>MaxConnectionsPerSource=</varname></term>
<listitem><para>The maximum number of connections for a service per source IP address.
This is very similar to the <varname>MaxConnections=</varname> directive
above. Disabled by default.</para>
<listitem><para>The maximum number of connections for a service per source IP address (in case of
IPv4/IPv6), per source CID (in case of <constant>AF_VSOCK</constant>), or source UID (in case of
<constant>AF_UNIX</constant>). This is very similar to the <varname>MaxConnections=</varname>
directive above. Disabled by default.</para>
<xi:include href="version-info.xml" xpointer="v232"/>
</listitem>
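Review bot: the version-info.xml include with xpointer="v232" that closes this entry now also covers the per-UID limit for AF_UNIX, which is new with this change, so a reader cannot tell from which release AF_UNIX sources are counted; consider adding a sentence that names the version in which the AF_UNIX case was introduced. In the new paragraph, "or source UID" drops the "per" used for the other two cases ("per source IP address", "per source CID"); "or per source UID" would read consistently. The text would also benefit from stating how the UID of an AF_UNIX peer is determined, since administrators sizing the limit for Accept=yes services need to know what counts as one source. Finally, the commit message says the setting currently limits per "AF_UNIX CID" while this paragraph attributes the CID case to AF_VSOCK; the two should agree.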