Linux – how do i set hard and soft file limits for a non-root user at boot

limitslinuxlinux-kernel

I have a xen HVM vps and I'm trying to raise the hard and soft file limits for nobody at boot time. I'm using Ubuntu 10.04.3 and inside /etc/security/limits.conf I have:

nobody       soft    nofile   10000
nobody       hard    nofile  30000

But when I check the file limits are still the default 1024:

su nobody -c 'ulimit -Hn'
1024
su nobody -c 'ulimit -Sn'
1024

What is the right way of raising the file limits for Ubuntu?

Best Answer

/etc/security/limits.conf file is processed by the pam_limits PAM module and is used to assign resource limits for a user session. These will be applied only when PAM and the pam_limits module is used during the session setup.

In your system the su utility may be not configured to use the pam_limits module (see the /etc/pam.d/su.conf file) or uses it only when creating a new login session (called with a -, -l or --login option).

Try using

su - nobody -c 'ulimit -Hn'

or adding

session     required    pam_limits.so

To /etc/pam.d/su or/and /etc/pam.d/su-l.

It may also be the case, that your su utility is not compiled with PAM support at all. In such case it will never use the limits.conf file.

Related Solutions

Linux – Difference Between ulimit -n and /proc/sys/fs/file-max

file-max is the maximum File Descriptors (FD) enforced on a kernel level, which cannot be surpassed by all processes without increasing. The ulimit is enforced on a process level, which can be less than the file-max.

There is no performance impact risk by increasing file-max. Modern distributions have the maximum FD set pretty high, whereas in the past it required kernel recompilation and modification to increase past 1024. I wouldn't increase system-wide unless you have a technical need.

The per-process configuration often needs tuned for serving a particular daemon be it either a database or a Web server. If you remove the limit entirely, that daemon could potentially exhaust all available system resources; meaning you would be unable to fix the problem except by pressing the reset button or power cycling. Of course, either of those is likely to result in corruption of any open files.

Linux – How to configure linux file descriptor limit with fs.file-max and ulimit

Your operating system set limits on how many files can be opened by any running application on your host. You can extend the basic values usually 1024 easily by modifying 2 configuration files:

# vi /etc/sysctl.conf

fs.file-max = 32000

# vi /etc/security/limits.conf

youruser       soft    nofile   10000
youruser       hard    nofile   30000

The hard and soft limits:

man 5 limits.conf

hard
for enforcing hard resource limits. These limits are set by the superuser and 
enforced by the Kernel. The user cannot raise his requirement of system resources
above such values.

soft
for enforcing soft resource limits. These limits are ones that the user
can move up or down within the permitted range by any pre-exisiting hard 
limits. The values specified with this token can be thought of as default values,
for normal system usage.

HTH

Best Answer

Related Solutions

Linux – Difference Between ulimit -n and /proc/sys/fs/file-max

Linux – How to configure linux file descriptor limit with fs.file-max and ulimit

Related Topic