Setting z/OS UNIX user limits
You can control the amount of resources consumed by certain z/OS UNIX users by setting individual limits for these users. The resource limits for the majority of z/OS UNIX users are specified in the BPXPRMxx member of SYS1.PARMLIB. These limits apply to all users except those with UID 0 (superuser authority). Rather than assigning superuser authority to application servers and other users so they can exceed BPXPRMxx limits, you can individually set higher limits to these users. Setting user limits allows you to minimize the number of assignments of superuser authority at your installation and reduces your security risk.
- ASSIZEMAX
- Maximum address space size (RLIMIT_AS)
- CPUTIMEMAX
- Maximum CPU time (RLIMIT_CPU)
- FILEPROCMAX
- Maximum number of files per process
- MEMLIMIT
- Maximum number of bytes of non-shared memory per user
- MMAPAREAMAX
- Maximum memory map size
- PROCUSERMAX
- Maximum number of processes per UID
- SHMEMMAX
- Maximum number of bytes of shared memory per user
- THREADSMAX
- Maximum number of threads per process
Once you have set individual user limits for users who require higher resource limits, you should consider removing their superuser authority. You should also reevaluate your installation's BPXPRMxx limits and consider reducing these limits. See z/OS UNIX System Services Planning for more information.