Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
how do i make ulimit settings... apply?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
adante
n00b
n00b


Joined: 08 Jan 2004
Posts: 27

PostPosted: Wed Mar 28, 2007 11:51 am    Post subject: how do i make ulimit settings... apply? Reply with quote

Hi, I am having some trouble applying limit settings

In my /etc/limits, I have tried the following entries

Code:
adante N4096
* N4096


Just for the heck of it I have also put into /etc/security/limits.conf
Code:

adante          soft    nofiles         4096
adante          hard    nofiles         8192
*               soft    nofiles         4096
*               hard    nofiles         8192


and also added
Code:
session    required     /lib/security/pam_limits.so

to /etc/pam.d/login

But when I login:
Code:
Using username "adante".
Authenticating with public key ""
Last login: Wed Mar 28 21:45:40 2007 from 192.168.1.67
adante@pveer ~ $ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
file size               (blocks, -f) unlimited
max locked memory       (kbytes, -l) 32
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 16383
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited



The limits still do not work.

What is the secret behind getting them to work? All the documentation tells me I need to re-login. I have done this, but still the file limit is 1024. Do I need to reboot? Physically login to terminal? Log out of all instances? Is this mentioned anywhere?
Back to top
View user's profile Send private message
embobo
Guru
Guru


Joined: 19 May 2003
Posts: 311

PostPosted: Thu Mar 29, 2007 6:52 am    Post subject: Re: how do i make ulimit settings... apply? Reply with quote

adante wrote:
Hi, I am having some trouble applying limit settings

In my /etc/limits, I have tried the following entries

Code:
adante N4096
* N4096


Just for the heck of it I have also put into /etc/security/limits.conf
Code:

adante          soft    nofiles         4096
adante          hard    nofiles         8192
*               soft    nofiles         4096
*               hard    nofiles         8192


and also added
Code:
session    required     /lib/security/pam_limits.so

to /etc/pam.d/login

But when I login:
Code:
Using username "adante".
Authenticating with public key ""
Last login: Wed Mar 28 21:45:40 2007 from 192.168.1.67
adante@pveer ~ $ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
file size               (blocks, -f) unlimited
max locked memory       (kbytes, -l) 32
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 16383
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited



The limits still do not work.

What is the secret behind getting them to work? All the documentation tells me I need to re-login. I have done this, but still the file limit is 1024. Do I need to reboot? Physically login to terminal? Log out of all instances? Is this mentioned anywhere?


I don't know what checks /etc/limits but the pam module checks /etc/security/limits.conf. The man page
of limits.conf doesn't give "nofiles" as an item. Try "nofile".

Also, in /etc/pam.d/login you can add "debug" after "/lib/security/pam_limits.so". That may help troubleshooting.

You may need to reboot or kill all "login" processes.

If you are ssh'ing to the box you need to have "UseLogin yes" in /etc/ssh/sshd_config. Alternately,
you could put the pam stuff in /etc/pam.d/ssh or possibly /etc/pam.d/system-auth.
Back to top
View user's profile Send private message
adante
n00b
n00b


Joined: 08 Jan 2004
Posts: 27

PostPosted: Thu Mar 29, 2007 11:59 pm    Post subject: Reply with quote

thank you embobo! that worked!
Back to top
View user's profile Send private message
qriff
n00b
n00b


Joined: 04 Dec 2003
Posts: 73

PostPosted: Fri Nov 28, 2008 8:02 pm    Post subject: Reply with quote

1.) edit /etc/security/limits.conf and add
Code:
*              hard    nofile          8192
*              soft    nofile          4096


2.) edit /etc/pam.d/system-login and add
Code:
session        required           pam_limits.so


2.1) (optional) edit /etc/pam.d/login and add
Code:
session        required           pam_limits.so


3.) logout and login, type
Code:

# ulimit -n
4096


4.) (optional) add "debug" after pam_limits.so
Code:
session        required           pam_limits.so debug
and read debug output from /var/log/messages
Code:
 sshd[x]: Accepted publickey for user from xxx.xxx.xxx.xxx port xxxxx ssh2
pam_limits(sshd:session): reading settings from '/etc/security/limits.conf'
sshd[x]: pam_limits(sshd:session): process_limit: processing hard nofile 8192 for USER
sshd[x]: pam_limits(sshd:session): process_limit: processing soft nofile 4096 for USER
sshd[x]: pam_unix(sshd:session): session opened for user user by (uid=x)
Back to top
View user's profile Send private message
Kalin
Tux's lil' helper
Tux's lil' helper


Joined: 22 Dec 2002
Posts: 130
Location: Germany

PostPosted: Thu May 09, 2013 4:10 pm    Post subject: Reply with quote

Also, if you are logging via ssh, check /etc/ssh/sshd_confg for `UsePAM yes` :-) That solved my problem.
Back to top
View user's profile Send private message
masc
n00b
n00b


Joined: 29 Dec 2008
Posts: 29

PostPosted: Sat Jul 13, 2013 10:22 am    Post subject: Reply with quote

this setup broke for me after upgrading to pambase-20120417-r2.

when system starts up limits are not applied for services initially.
after restarting services (eg. apache) manually limits are applied correctly..
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum