Introduction
ulimit
is a built-in Linux shell command that allows viewing or limiting system resource amounts that individual users consume. Limiting resource usage is valuable in environments with multiple users and system performance issues.
In this tutorial, you will learn to use the ulimit
command in Linux with examples.
Prerequisites
- A system running Linux
- Access to a terminal
- Sudo privileges
What Is limits.conf?
The limits.conf file is a configuration file that defines the system resource allocation settings ulimit
uses. The full path to the configuration file is /etc/security/limits.conf.
Changing the values in the file persist after system reboot. Superuser permissions are required for editing the limits.conf file.
The first section of the limits.conf file looks like this:
ulimit, Soft Limit, and Hard Limit in Linux Explained
The following sections explain the ulimit
syntax and the difference between two resource limitation types – a soft limit and hard limit.
Note: Use the top command to obtain information about the running processes and resource usage in a system.
ulimit Syntax
The ulimit
command takes the following general syntax:
ulimit [flags][limit]
For example, to set the physical memory size in kilobytes, enter:
ulimit -m 15000
Flags
Use the ulimit
flags to view or limit individual values for various system resources. When a [limit]
is given, it is the new value of the specified resource.
The available flags are:
Flag | Description |
---|---|
-H |
The hard limit for the given resource. Only root users can raise the hard limit, and any process can lower it. |
-S |
The soft limit for the given resource. Any process can change the soft limit. |
-a |
Lists all current resource limits. |
-b |
The maximum socket buffer size. |
-c |
The core dump size, expressed in the number of 512-byte blocks. |
-d |
The data area size, in kilobytes. |
-e |
The highest process scheduling priority (nice). |
-f |
The file size limit in blocks when using the [limit] parameter. Not specifying a [limit] instructs the command to report the file size limit. |
-i |
The pending signal number limit. |
-k |
The queue allocation number limit. |
-l |
The maximum size allowed for locking in memory. |
-m |
The physical memory size, in kilobytes. |
-n |
The maximum number of file descriptors that a process can have. |
-p |
The pipe buffer size. |
-P |
The maximum number of pseudoterminals. |
-q |
The maximum number of bytes in POSIX message queues. |
-r |
The maximum number of threads a process can have. |
-R |
The maximum process running time, expressed in microseconds. |
-s |
The stack size, in kilobytes. |
-t |
Specifies a process’ maximum running time, in seconds. |
-T |
The thread number limit. |
-u |
Specifies how many processes a user can create. |
-v |
The maximum virtual memory available for processes. |
-x |
The maximum number of file locks. |
Note: If your system doesn’t support a feature, the corresponding flag does not work.
[limit]
Parameter
Adding a [limit]
passes the new value for the specified resources. When omitted, the command prints the current soft limit value for the specified resource, unless you specify the -H
flag.
The limit applies to both the soft and hard limit if neither the -H
nor -S
flags are specified.
Exit Values
The ulimit
command has two exit values:
0
. Marks a successful completion.>0
. A request for a higher limit was rejected or an error occurred.
Soft Limit
The soft resource limits are kernel-enforced values for the corresponding resource. The soft limit is manageable by any user, and its maximum value cannot exceed the hard limit. The hard limit acts as a ceiling for the soft limit.
To view the detailed soft limits for the current user, run:
ulimit -Sa
Hard Limit
The hard resource limit defines physical resource limit for a user. At the same time, the hard limit is the maximum value for soft limit. Only root users are allowed to change the hard limit.
To view the detailed hard limits for the current user, run:
ulimit -Ha
Note: To avoid performance issues and noisy neighbors, choose one of our Bare Metal Cloud instances. With dedicated compute power, you do not have to worry about resource contention.
How to Use ulimit
Run the ulimit
command by entering the command name in the terminal:
ulimit
The output shows the resource amount that the current user has access to. In this example, the user has unlimited system resources. To view or set individual resource limits, use the available ulimit
flags.
The following sections lists the most common uses of the ulimit
command.
Detailed Limit Report
Get a detailed report with all resource limits for the current user by specifying the -a
flag:
ulimit -a
The output contains a detailed report about the resource limits for the current user.
Limit Process Number
Limit a user’s maximum process number by specifying the -u
flag and the number of processes.
For example, we will limit the process number to 10:
ulimit -u 10
Restricting the maximum process number per user prevents them from using up all the system’s resources. Limiting the process number also prevents the adverse effects of potential attacks such as fork bomb.
For example:
In the example above, we first limited the process number to 10, and then executed a fork bomb. The fork bomb would otherwise use up all the resources and make the system unresponsive.
Note: See why fork bombs are dangerous and what other Linux commands you should never run.
Limit File Size
The -f
flag sets the maximum file size that a user can make. For example, the following command limits the file size to 50KB:
ulimit -f 50
Test if the limit works by creating a larger file. For example, we used the cat command to redirect the /dev/zero output to a file, which would be much larger than 50KB:
The output states that the file size limit has been exceeded. Check the file size by running:
ls -lh file
The ls command output shows that the file size is exactly 50KB, which is the limit we have previously set.
Limit Maximum Virtual Memory
Use the -v
flag to set the maximum virtual memory amount available to a process. Limiting a process’ virtual memory stops it from using up all the memory and prevents thrashing.
For example, the following command limits the virtual memory available for a process to 1000KB:
ulimit -v 1000
Limit the Number of Open Files
The -n
flag limits the number of simultaneously opened files (file descriptors). The following example sets the number of open files to five:
ulimit -n 5
To test this, we will try to open multiple text files, which results in an error:
Edit limits.conf file to Change Soft or Hard Limit
To change the soft or hard limit, edit the values in the limits.conf file.
Follow the steps below:
1. Open a terminal window and change the directory to /etc/security
:
cd /etc/security
2. Open the limits.conf file using a text editor, such as the vim editor.
vim limits.conf
3. Change the limit values by editing the existing entries or adding a new one. Each limitation entry has four parts:
<domain>
. Defines a user, a group, or contains a wildcard (*
or%
).<type>
. Accepts two values –soft
orhard
.<item>
. Accepts any of the values listed in the configuration file.<value>
. An integer value expressed in a unit associated with<item>
.
For example:
Make sure to uncomment the line when editing the config file.
Note: Learn how to save changes using the vi/vim editor.
Conclusion
You now know how to use the ulimit
command to prevent users, buggy commands, or programs from utilizing an excessive system resource amount. Unlimited resource use in a shared environment impacts other users’ experience, so the best way to prevent it is to set appropriate limits.
原创文章,作者:kepupublish,如若转载,请注明出处:https://blog.ytso.com/224717.html