Linux - Limit Process At User Level

January 30, 2013 | By
| Reply More

Ulimit : As the name signifies, its the user resource limits defined by users for their respective processes, it provides control over the resources available to the shell and to processes started by it, on systems that allow such control. ie limit on the number of processes that a single user may create.

Linux can limit total number of processes on the system doesnot have option to limit any thread per process. Below file shows the maximum allowed process. You can alter this value.

cat /proc/sys/kernel/threads-max

This artcle is based on limiting process at user level

Usually, you have to increase the values of some of the Linux kernel limits before your install or run many applications.

With ulimit you can set two kind of limits:

1. Soft limit: is the value that the kernel enforces for the corresponding resource.
2. Hard limit: acts as a ceiling for the soft limit.

An unprivileged process may only set its soft limit to a value in the range from 0 up to the hard limit, and (irreversibly) lower its hard limit. A privileged process may make arbitrary changes to either limit value.

Checking the values of the kernel limits

[root@db0 ~]# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 147456
max locked memory (kbytes, -l) 32
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 10240
cpu time (seconds, -t) unlimited
max user processes (-u) 147456
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited

Change ulimit settings

ulimit -n

For many distributions of Linux you can change values by substituting the -n option for any possible value in the output of ulimit -a. See your operating system documentation for the precise procedure for changing system limits on running systems.

NB: After changing the ulimit settings, you must restart the process to take advantage of the modified settings. You can use the /proc file system to see the current limitations on a running process.
Depending on your system’s configuration, and default settings, any change to system limits made using ulimit may revert following system a system restart. Check your distribution and operating system documentation for more information.

Set maximum number of opened files

Linux servers have a PAM (plugabble authentication) module that handles system limits:

“By default limits are taken from the /etc/security/limits.conf config file. Then individual files from the /etc/security/limits.d/ directory are read. The files are parsed one after another in the order of “C” locale. The effect of the individual files is the same as if all the files were concatenated together in the order of parsing. If a config file is explicitely specified with a module option then the files in the above directory are not parsed.”

In our example we will set the maximum number of files to 16384 for all users of the system (values can be set for individual users or groups as well):

# vi /etc/security/limits.conf
Add two lines for each limit:
* soft nofile 16384
* hard nofile 16384

Reboot your machine and test the new limits configuration

Scripted Mode for hard and soft limits

NB : This section applies only to Linux operating systems. ( i used a RHEL 5 system for my example)
The /proc file-system stores the per-process limits in the file system object located at /proc/ /limits, where is the process’s PID or process identifier. You can use the following bash function to return the content of the limits object for a process or processes with a given name:

return-limits(){

for process in $@; do
process_pids=`ps -C $process -o pid --no-headers | cut -d " " -f 2`

if [ -z $@ ]; then
echo "[no $process running]"
else
for pid in $process_pids; do
echo "[$process #$pid -- limits]"
cat /proc/$pid/limits
done
fi

done
export -f return-limits
}

You can copy and paste this function into a current shell session or load it as part of a script. Call the function with one the following invocations:

Lets say you want to see the bash process limits in detail via this script return_limits.sh, you can check it via:

1. Source in the script via

#. ./return_limits.sh (note the “.” after the hash, used to source in the function of the script)

2. Call the bash process via this script

#return-limits bash

[root@db0 ~]# return-limits bash
[bash #9458 -- limits]
Limit Soft Limit Hard Limit Units
Max cpu time unlimited unlimited seconds
Max file size unlimited unlimited bytes
Max data size unlimited unlimited bytes
Max stack size 10485760 unlimited bytes
Max core file size 0 unlimited bytes
Max resident set unlimited unlimited bytes
Max processes 147456 147456 processes
Max open files 1024 1024 files
Max locked memory 32768 32768 bytes
Max address space unlimited unlimited bytes
Max file locks unlimited unlimited locks
Max pending signals 147456 147456 signals
Max msgqueue size 819200 819200 bytes
Max nice priority 0 0
Max realtime priority 0 0
[bash #9562 -- limits]

Similarly , ulimit improper use can also distabilise the whole system and can paralyze it, but such scenarios are out of scope of this article as this focusses on basic usage and will not be covered, its always recommended to refer the installation documention of respective application for any such ulimit parameters and related modifications.

Filed Under : LINUX COMMANDS, LINUX HOWTO, USER MANAGEMENT

Tagged With :

Free Linux Ebook to Download

Leave a Reply

Commenting Policy:
Promotion of your products ? Comment gets deleted.
All comments are subject to moderation.