Linux Operating System: Setting resource limits with limits.conf

Ubuntu is known as a multi-tasking, multi-process, and multiuser operating system. If the system’s all resources are used by any single process or user, other users and processes might not work in the system.

In this tutorial, I’ll show you how to set the resource limits for users and avoid such issues.

Getting ready

User account with root privileges is required.

How to do it…

Following are the steps to set the resource limits:

Check the CPU use limit with $ulimit –t.

To set new limit, open limits.conf with the following command:

# vim /etc/sysconf/limits.conf

Scroll to the end of the file and add following lines:

Enter Ctrl + O to save the changes.

Enter Ctrl + X to exit GNU nano editor.

How it works…

A module in a Linux system called PAM, PAM stands for pluggable authentication. The PAM module (pam_limit.so) provides the capability to set the cap for resource utilization.

You can use a Linux command ulimit to check the current limits and set the new limit using the ulimit utility. You can also set the default values of pam_limit.so using /etc/security/limits.conf.

Here, we will update limits.conf file to set a limit on CPU uses by users. As we know, we can set the limit using ulimit command but that is limited to that session only, if you want to set the limit permanently, need to configure limits.conf file.

The syntax of the limits.conf file is as follows:

<domain> <type> <item> <value>

Here, <domain> can be a username, a group name, or a wildcard entry.

<type> denotes the type of the limit and it can have the following values:

  • soft: This is a soft limit which can be changed by user
  • hard: This is a cap on soft limit set by super user and enforced by kernel

<item> is the resource to set the limit for. You can get a list of all items with $ulimit –a:

$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 120478
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 120478
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

In our example, we have set soft limit on CPU uses to 0 minutes and hard limit to 1000 minutes. You can changes soft limit values with the ulimit command. To view existing limits on open files, use the command $ulimit -n. To change limits on open files, pass the new limit as follows:

$ulimit -n 4096

A privileged process has authority to change either limit value but an unprivileged process having soft limit value between 0 and hard limit value, and it can be a lower hard limit value.

The command ulimit can be used to set limits on per process basis. You can’t use the ulimit command to limit resources at the user level. You can use cgroups to set a cap on resource use.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Related Articles