Resource Control
A resource control is a set of limits on the use of some resource within the zone, and associated actions when they are exceeded. The available resources at the time of writing are :
zone.max-lwps
Limits the number of processes that can be running within the zone at any one time.
zone.cpu-shares
Sets a limit on the number of fair share scheduler (FSS) CPU shares for a zone.
For each resource, you can enter a number of limits. Each limit has a privilege type (which is always Privileged), a numeric limit, and an action to take when the limit is exceeded. The typical action is Deny, to prevent any request that would exceed the limit.