Peter Seebach wrote:
> Well, what I was thinking would be useful would be to add:
> 
> 	daemon:path=/bin /usr/bin /sbin /usr/sbin:...
> 
> and put root into class daemon, so we could have a concrete illustration of
> what's going on there.

I'd say root should have its own class and you don't really want to limit
it, I think. At least, that's what I use. I'm not found of generic classes
or settings for "daemon". There are all kinds of daemons and they usually
have a very precise purpose. So if you care about these settings you
certainly want to have an own class for each of them.
 
> Although we could just omit the datasize limits, I would sort of like to have
> the 'default' class actually contain the correct limits, so that people see
> the easy place to edit this (as opposed to, say, thinking they have to rebuild
> the kernel to change the default datasize limit).

What are the correct limits? I think for general purpose users most of these
are not very useful and do more harm than good. For example, it would be nice to
limit the amount of memory a user may use but these limits are per shell or
process which means it's recursive. So unless you several hundred GiB of RAM
or use really draconian settings, these limits are not horribly useful.

For a dedicated daemon user they can be very useful to prevent resource
exhaustion though since you can usually estimate quite well how much of
each resource they would need.

-- 
Christian