Setting z/OS UNIX user limits

You can control the amount of resources consumed by certain z/OS UNIX users by setting individual limits for these users. The resource limits for the majority of z/OS UNIX users are specified in the BPXPRMxx member of SYS1.PARMLIB. These limits apply to all users except those with UID 0 (superuser authority). Rather than assigning superuser authority to application servers and other users so they can exceed BPXPRMxx limits, you can individually set higher limits to these users. Setting user limits allows you to minimize the number of assignments of superuser authority at your installation and reduces your security risk.

You can specify z/OS UNIX user limits by choosing options on the ADDUSER or ALTUSER commands. The limits are stored in the OMVS segment of the user profile. The following limits can be set in the OMVS user segment:
ASSIZEMAX
Maximum address space size (RLIMIT_AS)
CPUTIMEMAX
Maximum CPU time (RLIMIT_CPU)
FILEPROCMAX
Maximum number of files per process
MEMLIMIT
Maximum number of bytes of non-shared memory per user
MMAPAREAMAX
Maximum memory map size
PROCUSERMAX
Maximum number of processes per UID
SHMEMMAX
Maximum number of bytes of shared memory per user
THREADSMAX
Maximum number of threads per process

Once you have set individual user limits for users who require higher resource limits, you should consider removing their superuser authority. You should also reevaluate your installation's BPXPRMxx limits and consider reducing these limits. See z/OS UNIX System Services Planning for more information.

Parent topic: Defining user identifiers (UIDs)