Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
APPJAIL-LIMITS(1)	    General Commands Manual	     APPJAIL-LIMITS(1)

NAME
       appjail-limits -- Display and update resource limits database for jails

SYNOPSIS
       appjail limits get [-eHIipt] -n nro jail	[keyword ...]
       appjail limits list [-eHIipt] [-n nro] jail [keyword ...]
       appjail limits off jail
       appjail limits on jail
       appjail limits remove [all|nro nro] jail
       appjail limits remove keyword -n	nro jail [keyword ...]
       appjail	 limits	  set	[-E|-e]	  [-N	name]	[-n  [auto|nro]]  jail
	       resource:action[=amount[/per]]
       appjail limits stats [-eHhIpt] jail [keyword ...]

DESCRIPTION
       The appjail limits utility provides a flexible resource	limits	mecha-
       nism  for  jails, controlled by a set of	rules that can be added	or re-
       moved at	runtime.

       appjail limits requires the kern.racct.enable tunable to	be set to 1 in
       your loader.conf(5).  You must reboot your system  for  the  change  to
       take effect.

       The options are as follows:

       get [-eHIipt] -n	nro jail [keyword ...]
	    Get	 information  about  current rules , that is, the keyword that
	    represent the information to be obtained. Multiple keywords	can be
	    specified, which are displayed as a	table-like  interface  in  the
	    order  in  which  they are specified.  If no keyword is specified,
	    the	defaults are nro, enabled, name, rule and loaded.

	    See	"KEYWORDS" for a list of available keywords.

	    -e	Not required when using	-p .  The \t character is used to  de-
		limit  columns,	 so as not to show strange values, this	option
		shows <TAB> instead of \t in the case that  a  value  contains
		the latter.

	    -H	Shows the name of the columns.

	    -I	Include	 empty	values.	 By default, a minus sign is displayed
		when a value is	empty.

	    -i	Don't complain when nro	doesn't	exist.

	    -p	Columnate the list.

	    -t	Tabulate columns and values.

	    -n nro
		Identifier.

       list [-eHIipt] [-n nro] jail [keyword ...]
	    Similar to get but shows each keyword for  each  rule  in  a  nice
	    table.

	    -e,	-H, -I,	-p, -t
		All  of	these options perform the opposite task	of the options
		described in get.

	    -i	Perform	the same task as described in get .

	    -n nro
		Only show information for nro.

       off jail
	    Flush the rules currently in use.

       on jail
	    Load enabled rules configured by set .

       remove [all|nro nro] jail
	    Remove a given rule.

	    all
		Remove all rules.

	    nro	nro
		Remove the rule	specified by nro .

       remove keyword -n nro jail [keyword ...]
	    Remove a given keyword identified by nro .

	    See	"KEYWORDS" for a list of available keywords.

       set     [-E|-e]	    [-N	     name]	[-n	 [auto|nro]]	  jail
	    resource:action[=amount[/per]]
	    Configure a	new or existing	rule.

	    You	 can skip the required parameters and arguments	if nro has the
	    corresponding value, e.g. you  can	use  -e	 to  disable  a	 given
	    rctl(8) rule without specifying it again.

	    [-E|-e]
		Enable (-E) or disable (-e) this rule.

	    [-N	name]
		Brief description about	this rule.

	    [-n	[auto|nro]]
		Identifier.  An	 identifier  is	composed of a positive number.
		Use auto (default) to get the lowest identifier	value.

       stats [-eHhIpt] jail [keyword ...]
	    Get	information about resource consumption , that is, the  keyword
	    that  represent  the information to	be obtained. Multiple keywords
	    can	be specified, which are	displayed as a table-like interface in
	    the	 order	in  which  they	 are  specified.   If  no  keyword  is
	    specified,	the  defaults  are maxproc, cputime, pcpu, vmemoryuse,
	    readiops and writeiops.

	    See	"KEYWORDS" for a list of available keywords.

	    -e,	-H, -I,	-p, -t
		All of these options perform the opposite task of the  options
		described in get.

	    -h	By default, stats displays the output in "human-Readable" for-
		mat,  using  unit  suffixes  such as Byte, Megabyte, Gigabyte,
		Terabyte, and Petabyte.	 This option does not allow  this  be-
		havior.

KEYWORDS
   get,	list, remove keyword
       action
	   Defines what	will happen when a process exceeds the allowed amount.
	   See the ACTIONS section in rctl(8) for details.

       enabled
	   Shows 1 if the rule is enabled, 0 if	it is not.

       name
	   Brief description about this	rule.

       per
	   Defines  what entity	the amount gets	accounted for. See RULE	SYNTAX
	   in rctl(8) for details.

       resource
	   Identifies the resource the rule controls. See the  RESOURCES  sec-
	   tion	in rctl(8) for details.

       rule
	   The rule that will be applied.

   get,	list
       nro
	   Identifier.

       loaded
	   The rule that is currently in use.

   stats
   See RESOURCES in rctl(8).

EXIT STATUS
       The  appjail  limits utility exits 0 on success,	and >0 if an error oc-
       curs.

SEE ALSO
       appjail-quick(1)	sysexits(3) rctl(8)

AUTHORS
       Jess Daniel Colmenares Oviedo <DtxdF@disroot.org>

FreeBSD	Ports 14.quarterly	 April 6, 2024		     APPJAIL-LIMITS(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=appjail-limits&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>

home | help