Shells like bash/csh/ksh are responsible to provide the control over various system resources to the user. Otherwise, one normal user may utilize the complete system resources and system won’t be available for other users. So setting the limit to users is very important and you need to be very careful before granting shell limits to them. You need to be always make sure that system is not going out its system wide limit. For an example , if the maximum system process limit is 64K and if you grated process limit to 4 users as 24K. When these all four users try to use the maximum no of process, system will run out of its limit and you will see fork errors on the system.
From ulimit man pages,
Options | Explanation |
---|---|
-a | All current limits are reported |
-b | The maximum socket buffer size |
-c | The maximum size of core files created |
-d | The maximum size of a processâs data segment |
-e | The maximum scheduling priority (“nice”) |
-f | The maximum size of files written by the shell and its children |
-i | The maximum number of pending signals |
-l | The maximum size that may be locked into memory |
-m | The maximum resident set size (many systems do not honor this limit) |
-n | The maximum number of open file descriptors (most systems do not allow this value to be set) |
-p | The pipe size in 512-byte blocks (this may not be set) |
-q | The maximum number of bytes in POSIX message queues |
-r | The maximum real-time scheduling priority |
-s | The maximum stack size |
-t | The maximum amount of cpu time in seconds |
-u | The maximum number of processes available to a single user |
-v | The maximum amount of virtual memory available to the shell |
-x | The maximum number of file locks |
-t | The maximum number of threads |
1.How to see the user shell’s soft limit ? Here is the user is oracle.
[oracle@mylinz ~]$ ulimit -Sa core file size (blocks, -c) unlimited data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 11949 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 8192 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 10240 cpu time (seconds, -t) unlimited max user processes (-u) 4096 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited [oracle@mylinz ~]$
2.How to see the user shell’s hard limit ?
[oracle@mylinz ~]$ ulimit -Ha core file size (blocks, -c) unlimited data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 11949 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 8192 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) unlimited cpu time (seconds, -t) unlimited max user processes (-u) 4096 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited [oracle@mylinz ~]$
3.User can set their own soft limit ? Yes.They can able to set their own soft limit up to the hard limit value.Hard limit’s are managed by root user. You can reduce the hardlimit but you can;t increase being a normal user.
Ex:
List the existing “max user processes”.
[oracle@mylinz ~]$ ulimit -S -u 4096 [oracle@mylinz ~]$ ulimit -H -u 8192 [oracle@mylinz ~]$
-S – soft limit
-H – Hard limit
Set the new value to “max user processes” soft limit. As per above command output, soft limit can grow till 8192.
[oracle@mylinz ~]$ ulimit -S -u 8192 [oracle@mylinz ~]$ ulimit -S -u 8192 [oracle@mylinz ~]$
Let me try to set new hard limit,
[oracle@mylinz ~]$ ulimit -H -u 12288 -bash: ulimit: max user processes: cannot modify limit: Operation not permitted [oracle@mylinz ~]$ [oracle@mylinz ~]$ ulimit -H -u 4096 -bash: ulimit: max user processes: cannot modify limit: Invalid argument [oracle@mylinz ~]$ [oracle@mylinz ~]$ ulimit -H -u 8192 [oracle@mylinz ~]$
So here,we are not able to modify hard limit being a normal user.You will get error like “bash: ulimit: max user processes: cannot modify limit: Operation not permitted”. But without specifying hard option, i am able to reduce hard limit and not able to increase the value after that.
[oracle@mylinz ~]$ ulimit -u 4096 [oracle@mylinz ~]$ ulimit -H -u 4096 [oracle@mylinz ~]$ ulimit -u 8192 -bash: ulimit: max user processes: cannot modify limit: Operation not permitted [oracle@mylinz ~]$
4.How to increase the hard and soft limit value for user from root login?
To increase the soft & hard limit values to the users,you need to edit “/etc/security/limits.conf” file. Here is the oracle’s user’s configuration in limits.conf.
[oracle@mylinz ~]$ tail -7 /etc/security/limits.conf # End of file oracle soft nofile 8192 oracle hard nofile 8192 oracle soft nproc 4096 oracle hard nproc 8192 oracle soft core unlimited oracle hard core unlimited [oracle@mylinz ~]$
After modifying the file, user need to logoff and login again to see the new values.
5.limits.conf file will be used to set the user level limit.Where to set the system level limits ?
To set the system-wide limit, you need to edit the “/etc/sysctl.conf”.For an example, if you want to set number of open files system-wide, edit sysctl.conf and re-load the configuration.Existing system-wide open files limit,
[root@mylinz ~]# cat /proc/sys/fs/file-max 6815744 [root@mylinz ~]#
Edit the open files value in sysctl.conf like below ,
[root@mylinz ~]# cat /etc/sysctl.conf |grep file-max fs.file-max = 6816768 [root@mylinz ~]#
Re-load the configuration,and check the system-wide open files value
[root@mylinz ~]# sysctl -p net.ipv4.ip_forward = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 net.ipv4.tcp_syncookies = 1 error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key error: "net.bridge.bridge-nf-call-iptables" is an unknown key error: "net.bridge.bridge-nf-call-arptables" is an unknown key kernel.sem = 250 32000 100 128 kernel.shmmax = 4294967295 fs.file-max = 6816768 [root@mylinz ~]# cat /proc/sys/fs/file-max 6816768 [root@mylinz ~]#
We have successfully changed the system-wide open files (File descriptor) value. You can also simply execute the single command to modify these value,but that change will not persist across the system reboot.
[root@mylinz ~]# sysctl -w fs.file-max=6816768 fs.file-max = 6816768 [root@mylinz ~]# cat /proc/sys/fs/file-max 6816768 [root@mylinz ~]#
Hope now you are familiar with modifying the ulimit values for user and setting the new resource limit in sysctl.conf file .
Do not forget to check Redhat Enterprise Linux 7 Tutorial .
Thank you for visiting UnixArena.
Leave a Reply