1. Soft limit: is the value that the kernel enforces for the corresponding resource.
2. Hard limit: acts as a ceiling for the soft limit.
[root@localhost ~]# cat /etc/security/limits.conf
# /etc/security/limits.conf
#
#This file sets the resource limits for the users logged in via PAM.
#It does not affect resource limits of the system services.
#
#Also note that configuration files in /etc/security/limits.d directory,
#which are read in alphabetical order, override the settings in this
#file in case the domain is the same or more specific.
#That means for example that setting a limit for wildcard domain here
#can be overriden with a wildcard setting in a config file in the
#subdirectory, but a user specific setting here can be overriden only
#with a user specific setting in the subdirectory.
#
#Each line describes a limit for a user in the form:
#
#<domain> <type> <item> <value>
#
#Where:
#<domain> can be:
# – a user name
# – a group name, with @group syntax
# – the wildcard *, for default entry
# – the wildcard %, can be also used with %group syntax,
# for maxlogin limit
#
#<type> can have the two values:
# – “soft” for enforcing the soft limits
# – “hard” for enforcing hard limits
#
#<item> can be one of the following:
# – core – limits the core file size (KB)
# – data – max data size (KB)
# – fsize – maximum filesize (KB)
# – memlock – max locked-in-memory address space (KB)
# – nofile – max number of open file descriptors
# – rss – max resident set size (KB)
# – stack – max stack size (KB)
# – cpu – max CPU time (MIN)
# – nproc – max number of processes
# – as – address space limit (KB)
# – maxlogins – max number of logins for this user
# – maxsyslogins – max number of logins on the system
# – priority – the priority to run user process with
# – locks – max number of file locks the user can hold
# – sigpending – max number of pending signals
# – msgqueue – max memory used by POSIX message queues (bytes)
# – nice – max nice priority allowed to raise to values: [-20, 19]
# – rtprio – max realtime priority
#
#<domain> <type> <item> <value>
#
#* soft core 0
#* hard rss 10000
#@student hard nproc 20
#@faculty soft nproc 20
#@faculty hard nproc 50
#ftp hard nproc 0
#@student – maxlogins 4
# End of file
#############################
<domain> can be:
an user name
a group name, with @group syntax
the wildcard *, for default entry
the wildcard %, can be also used with %group syntax, for maxlogin limit
<type> can have the two values:
“soft” for enforcing the soft limits
“hard” for enforcing hard limits
<item> can be one of the following:
core – limits the core file size (KB)
data – max data size (KB)
fsize – maximum filesize (KB)
memlock – max locked-in-memory address space (KB)
nofile – max number of open files
rss – max resident set size (KB)
stack – max stack size (KB)
cpu – max CPU time (MIN)
nproc – max number of processes
as – address space limit (KB)
maxlogins – max number of logins for this user
maxsyslogins – max number of logins on the system
priority – the priority to run user process with
locks – max number of file locks the user can hold
sigpending – max number of pending signals
msgqueue – max memory used by POSIX message queues (bytes)
nice – max nice priority allowed to raise to values: [-20, 19]
rtprio – max realtime priority
Exit and re-login from the terminal for the change to take effect.
#############################
[root@localhost ~]# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 1874
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 1874
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
To change the nofile to 10000 you can do
[root@localhost ~]# ulimit -n 10000
[root@localhost ~]# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 1874
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files (-n) 10000
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 1874
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
[root@localhost ~]# logout
Connection to 192.168.57.101 closed.
mohammedrafi@NOC-RAFI:~$ ssh root@192.168.57.101
root@192.168.57.101’s password:
Last login: Wed Sep 13 08:32:57 2017 from 192.168.57.1
[root@localhost ~]# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 1874
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 1874
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
[root@localhost ~]# vim /etc/security/limits.conf
joe soft nofile 64000
root soft nofile 75000
root hard nofile 85000
[root@localhost ~]# logout
Connection to 192.168.57.101 closed.
mohammedrafi@NOC-RAFI:~$ ssh root@192.168.57.101
root@192.168.57.101’s password:
Last login: Wed Sep 13 08:59:14 2017 from 192.168.57.1
[root@localhost ~]# ulimit -Sn
75000
[root@localhost ~]# ulimit -Hn
85000
[root@localhost ~]# reboot
Connection to 192.168.57.101 closed by remote host.
Connection to 192.168.57.101 closed.
mohammedrafi@NOC-RAFI:~$ ssh root@192.168.57.101
root@192.168.57.101’s password:
Last login: Wed Sep 13 09:03:04 2017 from 192.168.57.1
[root@localhost ~]# ulimit -Sn
75000
[root@localhost ~]# ulimit -Hn
85000
[root@localhost ~]# su – joe
Last login: Wed Sep 13 08:55:59 IST 2017 on pts/0
[joe@localhost ~]$ ulimit -Sn
64000
[joe@localhost ~]$ ulimit -Hn
85000
