RHEL 9 ulimit


Yolette Langevin

Aug 3, 2024, 2:33:34 PM8/3/24
to itharofi

I have a fully updated Red Hat Enterprise Linux (RHEL) 8.1 x86_64 system where, as a local user in a local terminal (i.e. not remotely via SSH), ulimit -Sn says 1024 and ulimit -Hn says 4096. I would like to increase those numbers because when I compile large projects like gcc, the make step often fails with a "too many open files" error. I've even tried moving the compilation into a podman container, but that didn't help because the container just inherited my local user's ulimits.

In a systemd setup before version 240, all user processes run under the default resource limits suggested by the kernel, which on RHEL 8.1 appear to be 4096 for the hard limit and 1024 for the soft limit. systemd 240 changed the default hard limit to 512K while leaving the default soft limit the same, to avoid problems with programs that reserve memory for every potential file descriptor, and other compatibility issues.
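One way to check what defaults your systemd instance actually applies (the property name is real; the values you see will vary by version and distribution):

```shell
# Defaults systemd passes down to units and sessions
# (on systemd >= 240 this reports the raised hard limit described above)
systemctl show --property DefaultLimitNOFILE
# What the current shell actually got:
ulimit -Hn   # hard limit
ulimit -Sn   # soft limit
```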

After that, you can indeed raise the default soft limit of NOFILE by setting it in /etc/security/limits.conf with * soft nofile nnnn. Adding pam_limits to /etc/pam.d/login is not required, at least not on CentOS 7, since it is already included through /etc/pam.d/system-auth.
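As a concrete sketch of that limits.conf approach (the value 65536 is just an illustration, not a number from this thread):

```
# /etc/security/limits.conf
# <domain>   <type>   <item>    <value>
*            soft     nofile    65536
*            hard     nofile    65536
```

Log out and back in (or start a new login session) so pam_limits rereads the file; an already-running shell does not pick the change up.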

The weird part is that I can change the limit downwards, but can't change it upwards, even to go back to a number below the original limit:

-bash: ulimit: open files: cannot modify limit: Operation not permitted

Soft limits can be set by any user, while hard limits are changeable only by root. Limits are a property of a process and are inherited when a child process is created, so system-wide limits should be set during system initialization in init scripts, and user limits should be set at user login, for example via pam_limits.
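A quick illustration of those rules, assuming a hard limit of 4096 as in the original post (try this in a throwaway shell, since a hard limit lowered by a non-root user cannot be raised back):

```shell
ulimit -Hn          # show the hard limit, e.g. 4096
ulimit -Sn 1024     # any user may lower the soft limit...
ulimit -Sn 4096     # ...or raise it, as long as it stays <= the hard limit
ulimit -Hn 1024     # a non-root user may also lower the hard limit...
ulimit -Hn 4096     # ...but raising it back fails: Operation not permitted
```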

There are often defaults set when the machine boots. So, even though you may reset your ulimit in an individual shell, you may find that it resets back to the previous value on reboot. You may want to grep your boot scripts for the existence of ulimit commands if you want to change the default.

If you are using Linux and you get the permission error, you will need to raise the allowed limit in the /etc/limits.conf or /etc/security/limits.conf file (which file is used depends on your specific Linux distribution).

So I have a few questions:
1. Why is there a different setting being used for my user, if the configuration is applied to "*"?
2. Where can I permanently change my user's limit to the one used globally, or at least change it in a file specific for my user, without having to run "ulimit -n 10000" in my bashrc?

Hi! Yes, I did, I've had those settings for more than a year now and have rebooted my computer a lot since then (I upgrade every week), so they should have been picked up. Maybe there's a program overriding that value?

I'm researching the Splunk Enterprise Environment and as of now I'm on "Architecture Optimization". I had a quick question for version 9.0.2 and that is how and what is the recommended Ulimit increase on Linux for optimization purposes?

You have to ask yourself what ulimits are and what purpose they serve. They are limits the system enforces on a particular user, and they exist not to help a single process or user but to prevent one user from "overrunning" the whole server and starving it of resources. Ulimits are therefore usually set relatively low on servers with many concurrent users (like old-style Unix servers in university departments, where many people work at the same time). They might have some use on your local laptop, where different services run under different user accounts, but they don't make much sense on a single-purpose, single-service server.

ulimit is a built-in Linux shell command that allows viewing or limiting system resource amounts that individual users consume. Limiting resource usage is valuable in environments with multiple users and system performance issues.

Adding a [limit] passes the new value for the specified resource. When omitted, the command prints the current soft limit value for the specified resource, unless you specify the -H flag.
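In shell terms, those semantics look like this (using bash's built-in ulimit; -n selects the open-files resource, and 2048 is an illustrative value):

```shell
ulimit -n        # print the current soft limit for open files
ulimit -Hn       # print the hard limit instead, via the -H flag
ulimit -n 2048   # pass a new value to set the soft limit
```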

The soft resource limits are kernel-enforced values for the corresponding resource. The soft limit is manageable by any user, and its maximum value cannot exceed the hard limit. The hard limit acts as a ceiling for the soft limit.

The hard resource limit defines the physical resource limit for a user and is also the maximum value for the soft limit. Only root can raise the hard limit.


The output shows the resource amount that the current user has access to. In this example, the user has unlimited system resources. To view or set individual resource limits, use the available ulimit flags.
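The command behind that (elided) output is presumably ulimit -a; a minimal way to reproduce the view:

```shell
ulimit -a    # list every resource limit for the current shell
ulimit -Sn   # one individual limit, e.g. the soft cap on open files
```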

Restricting the maximum number of processes per user prevents them from using up all the system's resources. Limiting the process count also blunts the effects of potential attacks such as a fork bomb.
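A sketch of that restriction (1024 is an illustrative value; it must not exceed the session's hard limit on processes):

```shell
ulimit -Su 1024   # cap the process count for this shell and its children,
                  # limiting how far a runaway fork() loop can spread
ulimit -Su        # prints the new soft limit
```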

You now know how to use the ulimit command to prevent users, buggy commands, or programs from utilizing an excessive system resource amount. Unlimited resource use in a shared environment impacts other users' experience, so the best way to prevent it is to set appropriate limits.

Every time my application crashes, a core dump file is not generated. I remember that a few days ago, on another server, it was generated. I'm running the app using screen in bash like this:

Furthermore, these coredumps are compressed in the lz4 format. To decompress, you can use the liblz4-tool package like this: lz4 -d FILE. To be able to debug the decompressed coredump using gdb, I also had to rename the utterly long filename into something shorter...

Remember if you are starting the server from a service, it will start a different bash session so the ulimit won't be effective there. Try to put this in your script itself:

If one is on a Linux distro (e.g. CentOS, Debian) then perhaps the most accessible way to find out about core files and related conditions is in the man page. Just run the following command from a terminal:

Also, check to make sure you have enough disk space on /var/core or wherever your core dumps get written. If the partition is almost full or at 100% disk usage, then that would be the problem. My core dumps average a few gigs, so you should be sure to have at least 5-10 GB available on the partition.
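A standard way to check (adjust the path to wherever core_pattern points on your system):

```shell
# Free space on the partition that receives core dumps
df -h /var
```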

The answers given here cover pretty well most scenarios for which core dump is not created. However, in my instance, none of these applied. I'm posting this answer as an addition to the other answers.

If your core file is not being created for whatever reason, I recommend looking at /var/log/messages. There might be a hint in there as to why the core file is not created. In my case there was a line stating the root cause:

If you call daemon() to daemonize a process, by default the current working directory changes to /. So if your program is a daemon, you should look for a core in the / directory, not in the directory of the binary.

Although this isn't going to be a problem for the person who asked the question, because they ran the program that was to produce the core file in a script with the ulimit command, I'd like to document that the ulimit command is specific to the shell in which you run it (like environment variables). I spent way too much time running ulimit and sysctl and stuff in one shell, and the command that I wanted to dump core in the other shell, and wondering why the core file was not produced.

I will be adding it to my bashrc. The sysctl works for all processes once it is issued, but the ulimit only works for the shell in which it is issued (and its descendants), not for other shells that happen to be running.
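A way to see that difference in scope (reading core_pattern needs no privileges; writing it does):

```shell
ulimit -Sc unlimited                 # shell-local: affects this shell and children
cat /proc/sys/kernel/core_pattern    # kernel-wide: same answer in every shell
# Changing the kernel-wide setting requires root (illustrative value):
#   sysctl -w kernel.core_pattern=core.%e.%p
```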

Just in case someone else stumbles on this. I was running someone else's code - make sure they are not handling the signal, so they can gracefully exit. I commented out the handling, and got the core dump.

Instead of writing the core dump to disk, your system is configured to send it to the abrt (meaning: Automated Bug Reporting Tool, not "abort") program instead. Automated Bug Reporting Tool is possibly not as documented as it should be...

In any case, the quick answer is that you should be able to find your core file in /var/cache/abrt, where abrt stores it after being invoked. Similarly, other systems using Apport may squirrel away cores in /var/crash, and so on.

On recent Ubuntu (12.04 in my case), it's possible for "Segmentation fault (core dumped)" to be printed, but no core file produced where you might expect one (for instance for a locally compiled program).

This can happen if you have a core file size ulimit of 0 (you haven't done ulimit -c unlimited) -- this is the default on Ubuntu. Normally that would suppress the "(core dumped)", cluing you into your mistake, but on Ubuntu, corefiles are piped to Apport (Ubuntu's crash reporting system) via /proc/sys/kernel/core_pattern, and this seems to cause the misleading message.
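You can check whether your system is in that piping mode: a core_pattern beginning with | means cores go to a helper program (Apport, abrt, systemd-coredump) instead of a plain file on disk.

```shell
pattern=$(cat /proc/sys/kernel/core_pattern)
case "$pattern" in
  \|*) echo "cores are piped to: ${pattern#|}" ;;
  *)   echo "cores are written as: $pattern" ;;
esac
```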
