User:Balsa/Resource Limits Working Draft

From SlackWiki
Jump to: navigation, search

Purpose

This page does not attempt to explain the different types of system resource limits or when it is (or is not) appropriate to change them; see man ulimit and [Google] for that discussion.

However, some users run into problems with the linux kernel's default limit settings, so we'll attempt to explain how to modify them to suit their special needs.

Also covered:

  • How to display the system resource limits.


Overview

The default settings provided by the kernel are sane values for most multi-user machines.
However, the defaults may be different depending on your FIXME[distribution/kernel?].
The examples that follow may have different limits than your system. The limits in the examples are not necessarily better. This page does not endorse or recommend any particular limits.
Depending on your shell, the examples may be different, and the commands may need to be modified.

Issuing the command ulimit -Ha should show all the Hard limits. Example:

user@host:~$ ulimit -Ha
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
file size               (blocks, -f) unlimited
pending signals                 (-i) 8118
max locked memory       (kbytes, -l) 32
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
stack size              (kbytes, -s) unlimited
cpu time               (seconds, -t) unlimited
max user processes              (-u) 8118
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

and ulimit -Sa should show all the Soft limits:

user@host:~$ ulimit -Sa
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
file size               (blocks, -f) unlimited
pending signals                 (-i) 8118
max locked memory       (kbytes, -l) 32
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 8118
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited


The first command shows the hard limits set by the kernel, and the second command shows the soft limits set by the user(Verify?). An unprivileged user can increase the soft limit (up to the hard limit value), and he is also able to lower the hard limit (but then is unable to increase it, as an unprivileged user cannot raise the hard limit at all).

There are some situations which might require a larger hard limit for users, and the obvious "solution" is to add a line in /etc/profile to increase it. However, this will not work, because normal users cannot increase their hard limits (as indicated above).


Solution #1: /sbin/initscript

To increase the hard limits for users, you will need to create /sbin/initscript and place appropriate commands inside it. The easiest way is to copy the file /sbin/initscript.sample to /sbin/initscript and edit the copy, but you are certainly free to "roll your own." If you decide to create your own, make sure it is executable or it will not work.
Note: If /sbin/initscript.sample does not exist, you may find reading the initscript manual page helpful.
Using the following /sbin/initscript file:

PATH=/bin:/sbin:/usr/bin:/usr/sbin
export PATH

# Increase the hardlimit for open files
ulimit -Hn 4096

# Execute the program.
eval exec "$4"

You should get the following after a reboot:

user@host:~$ ulimit -Hn
4096

user@host:~$ ulimit -n
1024

Notice that the hardlimit is now 4096 (as specified in /sbin/initscript), but the softlimit is still 1024. In other words, you will still need to use /etc/profile (or some other shell init file - see below for recommendation) to raise the desired users' softlimits. With some creative scripting, you can be more selective about which users have what limits.

Rather than editing the system /etc/profile, it's recommended to create a custom file in /etc/profile.d and make it executable. This way, you don't have to worry about trying to merge your changes to /etc/profile when doing Slackware upgrades to new versions.



Solution #2: README.limits and the shadow package

To increase the hard limits for users, you should read the README.limits file provided by the shadow package which is very likely already installed. See the "Other Resources" section to find its location.

Here is an example /etc/limits file.

# /etc/limits contains user resource limits.
# See limits(5).
#
# Format:
# <username> <limits-string>
#
# default entry is '*' for username
#
# Valid flags are:
# A: max address space (KB)
# C: max core file size (KB)
# D: max data size (KB)
# F: maximum filesize (KB)
# M: max locked-in-memory address space (KB) [only for root on Linux 2.0.x]
# N: max number of open files
# R: max resident set size (KB) [no effect on Linux 2.0.x]
# S: max stack size (KB)
# T: max CPU time (MIN)
# U: max number of processes
# L: max number of logins for this user
# I: max nice value (0..39 translates to 20..-19)
# O: max real time priority (0..MAX_RT_PRIO)
#
# Examples:
# the default entry
#* L2 D6144 R2048 S2048 U32 N32 F16384 T5 C0 I20 O0
# another way of suspending a user login
#guest   L0
# this account has no limits
#sysadm  -

Following the example in Solution #1 above, to increase the hardlimit for open files you would need to add the following line to /etc/limits:

user N4096

You do not need to reboot. Simply log off [Fixme: all instances?] and then log back on again.
Apparently, [Verify?] this will set the hard and soft limits equal.

Results:

user@host:~$ ulimit -Hn
4096

user@host:~$ ulimit -Sn
4096

Other Resources

Find out if ulimit is a shell builtin or not. If which finds an ulimit executable, then it is not a shell builtin.

  • which ulimit

Example of a shell builtin (which returns no results):

user@host: ~ $ which ulimit
which: no ulimit in (/usr/local/bin:/usr/bin:/bin:/usr/games:/usr/lib/java/bin:/usr/lib/java/jre/bin:/usr/lib/qt/bin:/usr/share/texmf/bin:.:/sbin:/sbin)

The ulimit man page may not be useful if ulimit is a shell builtin. If it is a shell builtin, read your shell's man page and search for the string "ulimit". (without the quotes)

  • man bash
  • man ash
  • man dash
  • man sh
  • man ksh
  • man csh
  • man tcsh

Otherwise,

  • man ulimit


Read the other manual pages:

  • man initscript
  • man limits

Finding the README.limits file

Find the package that installed the limits (5) man page: (should be shadow)

  • grep -i "limits.5.gz" /var/log/packages/*

Find the README.limits file, replacing x.y.z.-march-n with whatever version of shadow you found above:

  • grep -i "README.limits" /var/log/packages/shadow-x.y.z.-march-n

Alternatively, if you have slocate installed:

  • slocate README.limits

(or the really easy way):

  • less `slocate README.limits`


Finally, read the README.limits file, replacing x.y.z with whatever version of shadow you have installed:

  • less /usr/doc/shadow-x.y.z/README.limits