8.3.10. Per-user Resource Quotas

Resource quotas may be set on a per-user basis using ACL for fine-grained control.
Rule Syntax

The per-user ACL rule syntax is: 

 quota connections|queues value <group-name-list>|<user-name-list> [ <group-name-list>|<user-name-list>]
Connection quotas

Connection quotas work in conjunction with the command line switch '--connection-limit-per-user N' to limit users to some number of concurrent connections.

  • If the command line switch '--connection-limit-per-user' is absent and there are no 'quota connections' rules in the ACL file then connection limits are not enforced.
  • If the command line switch '--connection-limit-per-user' is present then it assigns an initial value for the pseudo-user 'all'.
  • If the ACL file specifies a quota for pseudo user 'all' than that value is applied to all users who are otherwise unnamed in the ACL file.
  • Connection quotas for users are registered in order as the rule file is processed. A user may be assigned any number of connection quota values but only the final value is retained and enforced.
  • Connection quotas for groups are applied as connection quotas for each individual user in the group at the time the 'quota connections' line is processed.
  • Quota values range from 0 to 65530. A value of zero (0) denies connections.
Queue quota

Queue quotas work in conjunction with the command line switch '--max-queues-per-user N' to limit users to some number of concurrent queues.

  • If the command line switch '--max-queues-per-user' is absent and there are no 'quota queues' rules in the ACL file then queue limits are not enforced.
  • If the command line switch '--max-queues-per-user' is present then it assigns an initial value for the pseudo-user 'all'.
  • If the ACL file specifies a quota for pseudo user 'all' than that value is applied to all users who are otherwise unnamed in the ACL file.
  • Queue quotas for users are registered in order as the rule file is processed. A user may be assigned any number of queue quota values but only the final value is retained and enforced.
  • Queue quotas for groups are applied as queue quotas for each individual user in the group at the time the 'quota queues' line is processed.
  • Quota values range from 0 to 65530. A value of zero (0) denies queue creation actions.
Report a bug