ulimit is a Linux shell command that allows to view or limit the amount of system resources consumed by local Linux users.
The ulimit command comes with shell(bash,sh,zsh etc) packages on Linux systems. The default shell in most Linux distribution is bash. As with most operating systems, it is installed during installation. Ulimit usage, may vary depending on the shell (bash, sh, zsh, csh etc.) used. Parameters can be named more or less differently.
Changes made with Ulimit are temporary. The /etc/security/limits.conf
file is pointed to for permanent limits. However, it is recommended to proceed by creating a new configuration file under the /etc/security/limits.d
directory.
Understanding ulimit usage
If you haven't used the ulimit command before, run the following command in terminal to see your local user limits:
[foc@rocky9 ~]$ ulimit -a
real-time non-blocking time (microseconds, -R) unlimited
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 5694
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 5694
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
You can see that some values have unlimited and some values have a certain limit.
List what you can do with ulimit
by typing the following command in the terminal:
[foc@rocky9 ~]$ ulimit --help
ulimit: ulimit [-SHabcdefiklmnpqrstuvxPT] [limit]
Modify shell resource limits.
Options:
-S use the `soft' resource limit
-H use the `hard' resource limit
-a all current limits are reported
-b the socket buffer size
-c the maximum size of core files created
-d the maximum size of a process's data segment
-e the maximum scheduling priority (`nice')
-f the maximum size of files written by the shell and its children
-i the maximum number of pending signals
-k the maximum number of kqueues allocated for this process
-l the maximum size a process may lock into memory
-m the maximum resident set size
-n the maximum number of open file descriptors
-p the pipe buffer size
-q the maximum number of bytes in POSIX message queues
-r the maximum real-time scheduling priority
-s the maximum stack size
-t the maximum amount of cpu time in seconds
-u the maximum number of user processes
-v the size of virtual memory
-x the maximum number of file locks
-P the maximum number of pseudoterminals
-R the maximum time a real-time process can run before blocking
-T the maximum number of threads
When you run these parameters in plain form with the active user, it shows the value of that parameter. For example, with the max user process -u
parameter:
[foc@rocky9 ~]$ ulimit -u
5701
you can learn the max locked memory limit of that user with the -l
parameter:
[foc@rocky9 ~]$ ulimit -l
64
Hard (-H
) and soft (-S
) limits are given for each value to be limited. Parameters are written side by side to display values such as hard-soft:
[foc@rocky9 ~]$ ulimit -Hu 5701 [foc@rocky9 ~]$ ulimit -Hl 64
The soft limit is the limit allocated for the actual processing of users. The hard limit is an upper (final limit) limit of the soft limit values.
Limiting different types of resource limits with ulimit
One thing to consider when changing the limit is that the soft limit should not be more than the hard limit. The rule is expressed as:
soft limits <= hard limit
Increase ulimit values for 5 frequently used values.
Example -1 Modify File Size Limit
To increase the file size value, a new value must be written after the -f parameter:
[foc@rocky9 ~]$ ulimit -f 1050
In the last case file size:
[foc@rocky9 ~]$ ulimit -f
1050
Example -2 Modify Max Memory Size
To increase max memory size:
[foc@rocky9 ~]$ ulimit -m 1024
Max memory size status:
[foc@rocky9 ~]$ ulimit -m
1024
Example -3 Modify Open File Limit
Open files previous value:
[foc@rocky9 ~]$ ulimit -n
1024
Let's increase:
[foc@rocky9 ~]$ ulimit -n 1280
Latest status:
[foc@rocky9 ~]$ ulimit -n
1280
Example -4 Modify Max User Processes Limit
To change the maximum number of processes the user can create:
[foc@rocky9 ~]$ ulimit -u 4096
Let's take the final state:
[foc@rocky9 ~]$ ulimit -u
4096
Example -5 Modify Virtual Memory Limit
Finally, let's increase the virtual memory value:
[foc@rocky9 ~]$ ulimit -v 1024
Let's look at the virtual memory value:
[foc@rocky9 ~]$ ulimit -v
1024
We shared examples of increasing 5 values above.
Bonus Tip
These values will return to default when the user logs out and re-enters.
You can write these values to .bashrc file for automatic application when user login.
[foc@rocky9 ~]$ nano ~/.bashrc ulimit -f 2050 ulimit -m 2024 ulimit -n 2280 ulimit -u 2096 ulimit -v 10240
Save and exit the file. Let's user logout and login. View the limits:
[foc@rocky9 ~]$ ulimit -a
file size (blocks, -f) 2050
max memory size (kbytes, -m) 2024
open files (-n) 2280
max user processes (-u) 2096
virtual memory (kbytes, -v) 10240
How to modify ulimit permanently?
In the previous section we applied ulimit changes to individual users via terminal which we know is non-persistent. To make them persistent we added the changes to individual user's .bashrc
file. But instead of that it is recommended to add all custom ulimit changes inside /etc/security/limits.d
file which will automatically be considered every time a user with matching ruleset logs in to the server.
Let's create an example configuration file for the following values:
- - core - limits the core file size (KB)
- - data - max data size (KB)
- - fsize - maximum filesize (KB)
- - stack - max stack size (KB)
- - nproc - max number of processes
- - maxlogins - max number of logins for this user
- - maxsyslogins - max number of logins on the system
Apply ulimit to users
Create a file named user_limits.conf
:
[foc@rocky9 ~]$ sudo nano /etc/security/limits.d/user_limits.conf
#For foc user foc soft core 1024 foc soft data 4096 foc hard fsize 1048576 foc soft maxlogins 4 foc hard maxsyslogins 6 foc soft stack 512 #For faruk user faruk soft core 2048 faruk soft data 3072 faruk hard fsize 1048576 faruk soft maxlogins 2 faruk hard maxsyslogins 3 faruk soft nproc 1200
For example, we added hard and soft limit lines for users. To see the changes, you must do one of the following:
- Log out of ssh connection and log back in
- Log out session and log back with user.
limits.conf
do not require reboot. You just need to close your active session and start a new session to pick the new changes.Show limits for foc
and faruk
users. For foc
user:
[foc@rocky9 ~]$ ulimit -a
core file size (blocks, -c) 1024
data seg size (kbytes, -d) 4096
file size (blocks, -f) 1048576
stack size (kbytes, -s) 512
Switch to user faruk
[foc@rocky9 ~]$ su - faruk Password: Last login: Mon Oct 3 23:11:30 +03 2022 on pts/0
Ulimit for faruk
user:
[faruk@rocky9 ~]$ ulimit -a
core file size (blocks, -c) 2048
data seg size (kbytes, -d) 3072
file size (blocks, -f) 1048576
max user processes (-u) 1200
Try logging in more than the specified value from different terminals for the max login value. You will encounter the following warning:
foc@fedora:~$ ssh -l foc 192.168.122.238
foc@192.168.122.238's password:
There were too many logins for 'foc'.
Last login: Mon Oct 3 23:26:30 2022 from 192.168.122.1
Connection to 192.168.122.238 closed.
For faruk user:
foc@fedora:~$ ssh -l faruk 192.168.122.238
faruk@192.168.122.238's password:
There were too many logins for 'faruk'.
Last login: Mon Oct 3 23:26:30 2022 from 192.168.122.1
Connection to 192.168.122.238 closed.
Apply ulimit to groups
We defined it for users, let's create an example file for user groups:
[foc@rocky9 ~]$ sudo nano /etc/security/limits.d/group_limits.conf #For worker group @worker hard rss 10000 @worker soft as 12000 #For test01 group @test01 hard rss 11000 @test01 soft as 13000
The foc
user is in the worker group, and the faruk
user is in the test01 group. You can define different limits according to the groups that users belong to. In this way, you do not have to make separate definitions for each user.
In the last case, the values in KB can be seen with the following command.
[faruk@rocky9 ~]$ cat /proc/$(ps -uax | grep faruk | head -1 |awk {'print $2'})/limits
Limit Soft Limit Hard Limit Units
Max resident set 11264000 11264000 bytes
Max address space 13312000 unlimited bytes
[foc@rocky9 ~]$ cat /proc/$(ps -uax | grep foc | head -1 |awk {'print $2'})/limits
Limit Soft Limit Hard Limit Units
Max resident set 10240000 10240000 bytes
Max address space 12288000 unlimited bytes
Each value you set is now permanent. You can now increase limit using the opportunities offered by ulimit.
Summary
Increasing user limits may be appropriate for short-term access. Permanent limit increase is usually used by users who manage the application. In systems with central user management, these actions will not be needed.
We recommend that you try the limit increase experience on test systems first.
References
Redhat.com - How to set ulimit values
gist.github.com - How to increase ulimit in Linux