Unix ulimit Command

As the name indicates, the ulimit command is used for limit'ing the system resources of the user processes. Apart from setting the limits, we have the "-a" flag, which will report all the current resource limit settings for the logged in user.
Below you can see the current limit set on a RHEL 6.4 for the root user:
root@emerald# ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 127335
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
The output above shows the maximum size for each resource specified on the leftmost column. We can change any of them by providing the flag, i.e. -c or -d. For e.g. to set the core file size to unlimited:
root@emerald# ulimit -c unlimited

Hard and Soft Limit:
Apart from the flags or options(as we see in the output), we also have -H and -S flags which determines the hard or soft limit respectively for the given resource.
You can view the hard limit with the below command:
root@emerald# ulimit -Ha
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 127335
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 4096
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) unlimited
cpu time               (seconds, -t) unlimited
max user processes              (-u) 127335
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
Note that ulimit -a is same as ulimit -Sa, i.e. it reports the soft limit.
We can also display individual limits by specifying the respective flag:
root@emerald# ulimit -n
1024
root@emerald# ulimit -Sn
1024
root@emerald# ulimit -Hn
4096

Limit Restriction on Hard Limit:
A soft limit can be increased up to the value of the hard limit only:
root@emerald# ulimit -Sn 4000
root@emerald# ulimit -Sn
4000
root@emerald# ulimit -Sn 5000
-bash: ulimit: open files: cannot modify limit: Invalid argument
Hard limit cannot be increased once it is set:
root@emerald#ulimit -Hn
4096
root@emerald#ulimit -Hn 5000
-bash: ulimit: open files: cannot modify limit: Invalid argument
root@emerald#ulimit -Hn 4095
root@emerald#ulimit -Hn 4096
-bash: ulimit: open files: cannot modify limit: Invalid argument
root@emerald#ulimit -Hn
4095
If we do-not specify the -H or -S while we set the limit, both the soft and hard limits are set:
root@emerald#ulimit -u
1024
root@emerald#ulimit -Hu
127335
root@emerald#ulimit -u 12000
root@emerald#ulimit -u
12000
root@emerald#ulimit -Hu
12000

Setting the Limits permanently:
In Linux system the default user limits can be updated or changed in /etc/security/limits.conf.
The file has some documentation you can refer. In the limits.conf we can set the limits for a certain oracle user  as below:
oracle              soft    nproc   2047
oracle              hard    nproc   16384
oracle              soft    nofile  1024
oracle              hard    nofile  65536
Append the above into the file limits.conf, and the soft-limit for max number of process(nproc) for oracle user will be set to 2047, etc.
Note that pam_limits PAM module need to be configured in order for the limits.conf settings to be applied. You can add the following lines to /etc/pam.d/login file, so that the PAM module sets limit on the system resources by reading from its default configuration file i.e. /etc/security/limits.conf:
session    required     /lib/security/pam_limits.so
session    required     pam_limits.so

Few Lines on System Wide settings:
The above settings were for user level settings, we can set the system wide settings in /etc/sysctl.conf for Linux systems. The current system wide settings could be seen with the command:
# sysctl -p
A final note would be that, while setting the user level hard limit on the resources we should take care that it is less than the system wide limits. For e.g. if the maximum number of file descriptors of the system is set to 65536. Check with the command:
# cat /proc/sys/fs/file-max
65536
And we set hard limit for oracle user "nofile" to 65536 in limits.conf.
Now if the user oracle uses up all the file handles, then the entire system will run out of file handles, and will block any further user from logging in.
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)