limits.conf File To Limit Users, Process In Linux With Examples

RSS
EMAIL
FACEBOOK
FACEBOOK
GOOGLE
GOOGLE
https://www.poftut.com/limits-conf-file-limit-users-process-linux-examples/
PINTEREST
PINTEREST
INSTAGRAM

limits.conf configuration file is used to limit user, domain, process related metrics. Limits.conf is related with pam_limits module.

Configuration File

There is configuration file named limits.conf and located at /etc/security/ . The default content of this file is like below.

As we can see all configurations are commented so they are not effective. There is also a directory which is use to store configuration files in a separate files to maintain easily. This location is /etc/security/limits.d/ . It is by default empty but we can create rules in this directory easily.

Syntax

Limits.conf file have a simple and reliable syntax. This syntax is defined to easily set context, type, limits and related values. We will look all of this terms below.

Domain

While limits configuration we need to specify context. This content can be defined in various ways and various parameters. The first column of the rule is the domain. Domain can be following

  • username
  • groupname
  • * specifies all
  • userid
  • groupid

Type

While limiting there is two type of limit implementation. These are called hard and soft .

Hard limits are set by root and enforced by kernel

LEARN MORE  How To Get Ram Information In Linux

Soft limits have some range overload.

Item

Items are the core of limits. Items are used to specify the item the limit will be applied. For example if we want to limit the maximum process number we will use nproc numbers. Here are some of the items those can be used to for limit operation

  • fsize specifies maximum file size
  • nofile specifies maximum number of file size
  • cpu specifies maximum CPU time
  • nproc specifies maximum number of process
  • maxlogins specifies maximum number of logins
  • maxsyslogins specifies maximum number of logins for all users

Specify User For Limit

Now we can start examples. As we stated we can limit relevant items according to user name. In the following rule we will specify a limit for username ismail where we specify the user name in the first column.

In this example we set core or CPU limit for value 1000000 for username ismail as hard

Specify Group For Limit

In this example we can specify limit for a user group name. This type of limitation can be useful if we want to restrict some user group names.

In this example we specify apache group name to limit process number as maximum 20

Use Wildcard For Limit

While specifying the domain or the users and groups we may need to set limit for all users and groups in a system. Here we will use * or wildcard for this.

In this exmaple we set rss limit for all users and groups in this systems.

LEARN MORE  How To Disable or Lock Linux User Account?

Specify User ID Range For Limit

We want to specify limit some users. But they are not in a user group and we do not want or can create group for these groups. Specifying limits one by one is a problem. We can specify multiple users like below. But the restriction is that we will specify range

The rule above will be applied to the users those User ID’s are between 1000 and 1010 . The : operator used to specify range.

Specify Group ID Range For Limit

The similar definition like previous user range is group range. We will specify group ID range like below.

In this example the rules will be applied for the group ID’s between 500 and 510 . We use @ operator to specify ID’s as group and : for range.

Limit Number of Process

Now we will start to look different item types to use. There are more items than described here but these are most popular ones. First example is limiting number of processes for a user.

In the example we limit process number with nproc item. The user the rule will apply is ismail and the maximum number of process for this user can own is 20

Limit CPU Time

Another useful item to limit is CPU time. We can set limits about the CPU time .

In this example we applied maximum 10000 cycles for user ismail by using cpu item.

LEARN MORE  How To Generate Random Numbers In Linux

Limit Number Of Open File

We can limit the numbers of file a user can open in time. This can be useful to prevent disk bottlenecks if the system have a lot of users those access files.

In this example we specify that the user ismail can only open 512 files or file descriptors with nofile item.

Limit Number Of Logins

By default a user can have infinite numbers of connections, sessions or logins in a system. This may create some security or performance problems for the systems. We can set some limits about this.

In this examples we limit student groups users login count. We use maxlogins for each users in student group. The maximum number of login can not be more than 4 .

Limit Number Of System Logins

In previous example we have restricted maximum logins as user base. we can also specify total number of logins in system wide. This restriction will be effective in general manner.

In this example we restrict for all users and groups but actually this is not a user or group based restriction. We set this rule system wide and use maxsyslogin item as 40

Limit Maximum File Size

We may want to restrict file size. This restriction can be useful in temp or similar usage type files.

In this example we limit the students single file size as 4000000 . This is presentation of KB or kilobyte. So the example means 4 GB . We use fsize as item type.

RSS
EMAIL
FACEBOOK
FACEBOOK
GOOGLE
GOOGLE
https://www.poftut.com/limits-conf-file-limit-users-process-linux-examples/
PINTEREST
PINTEREST
INSTAGRAM

One Reply to “limits.conf File To Limit Users, Process In Linux With Examples”

Leave a Reply

Your email address will not be published.