Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

how to set permanent ulimit

1,554 views
Skip to first unread message

Vadkan Jozsef

unread,
Jan 26, 2010, 1:00:02 PM1/26/10
to
How can I set ulimit?

when I give:

ulimit -n 10240

ok,

ulimit -n

gives 10240. But. after a few minutes, it 1024 again!

How can I set the ulimit to be permanently 10240?

It would be important! :S

Thank you :\


--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org

Boyd Stephen Smith Jr.

unread,
Jan 26, 2010, 1:20:02 PM1/26/10
to
On Tuesday 26 January 2010 11:54:49 Vadkan Jozsef wrote:
> How can I set ulimit?
>
> when I give:
>
> ulimit -n 10240

ulimits is an inheritable aspect of processes, like an environment variable.
The ulimit "command" is actually a shell built-in that tell the shell process
to increase its limit.

> ok,
>
> ulimit -n
>
> gives 10240. But. after a few minutes, it 1024 again!

The change will be inherited by all sub-processes (anything that was fork()ed
or clone()d), but it won't change in any other process. I think you might be
closing your terminal (which normally ends your shell process), then starting
a new one (which starts a different shell process that isn't a sub-process of
the original).

> How can I set the ulimit to be permanently 10240?

Most shells and Xsessions have some file or directory where select user
commands can be placed to execute in the current process (e.g. via the "."
(dot) a.k.a. "source" command in a shell).

.kde/env -- for KDE sessions
.zshrc -- (among others) for zsh sessions

Consult your shell and/or DE documentation for details.
--
Boyd Stephen Smith Jr. ,= ,-_-. =.
b...@iguanasuicide.net ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/ \_/

signature.asc

Stephen Powell

unread,
Jan 26, 2010, 1:50:01 PM1/26/10
to
On 2010-01-26 at 12:54:49 -0500, Vadkan Jozsef wrote:
> How can I set ulimit?
> when I give:
>
> ulimit -n 10240
>
> ok,
>
> ulimit -n
>
> gives 10240. But. after a few minutes, it 1024 again!
> How can I set the ulimit to be permanently 10240?
> It would be important! :S
> Thank you :\

man bash
/ulimit

Description for the -n option says

The maximum number of open file descriptors (most systems do not allow this value to be set)

Apparently, one must be root to set ulimit. I tried it as a non-root user and got

-bash: ulimit: open files: cannot modify limit: Operation not permitted

But as the root user it works. I don't know how long you waited, but so far, my changes
are holding. I'm running bash version 3.2-4 under Lenny. However, the change holds only
for the current shell session and shell sessions descended from it. Other shell sessions
are not affected. The following will not work:

$ su
Password: [enter password for root]
# ulimit -n 10240
# ulimit -n
10240
# exit
$ ulimit -n
1024

The su command invokes a new shell. You change the limit in the new shell.
The exit command takes you back to the previous shell. The limit in that
shell is unchanged. If you did something like this:

[login as fred]
$ su
Password: [enter password for root]
# ulimit -n 10240
# su fred
$ ulimit -n
10240

Then a non-root user (fred) gets the new value for ulimit.
The first shell is the login shell. It's limit is still 1024.
The second (nested) shell is the root shell entered by "su" with no
arguments. It's limit starts as 1024 but is dynamically changed to 10240.
The "su fred" command invokes a third nested shell, which
inherits its ulimit value from the second nested shell.
It's limit is 10240. But this requires a couple of nested
shells, the second of which is still running as root, which
is a security exposure. All the user has to do is type "exit"
and he is now root! Maybe someone else knows a better way.

Alex Samad

unread,
Jan 26, 2010, 2:50:03 PM1/26/10
to
On Tue, Jan 26, 2010 at 01:47:31PM -0500, Stephen Powell wrote:
> On 2010-01-26 at 12:54:49 -0500, Vadkan Jozsef wrote:
> > How can I set ulimit?
> > when I give:
> >
> > ulimit -n 10240
> >
> > ok,
> >
> > ulimit -n
> >
> > gives 10240. But. after a few minutes, it 1024 again!
> > How can I set the ulimit to be permanently 10240?
> > It would be important! :S
> > Thank you :\

have a look at /etc/security/limits.conf

I have 2 lines in there that are not commented

@user hard nofile 2048
alex hard nofile 4198

--
At many levels, Perl is a "diagonal" language.
-- Larry Wall in <1997090218...@wall.org>

signature.asc

Stephen Powell

unread,
Jan 26, 2010, 3:50:01 PM1/26/10
to
On 2010-01-26 at 14:40:23 -0500, Alex Samad wrote:
> have a look at /etc/security/limits.conf
>
> I have 2 lines in there that are not commented
>
> @user hard nofile 2048
> alex hard nofile 4198

That works! I modified my /etc/security/limits.conf file and added the following entry:

* hard nofile 1048

I then shutdown and rebooted.

I login as a normal user and issue

$ ulimit -n
1024
$ ulimit -n 1048
$ ulimit -n
1048
$ ulimit -n 2000
-bash: ulimit: open files: cannot modifiy limit: Operation not permitted

The limit starts at the default of 1024, just as before. But ordinary users can raise it
up to and including the new hard limit of 1048. But they cannot raise it above that.
To raise it above the hard limit you must be root.

Thanks, Alex!

Vadkan Jozsef

unread,
Jan 26, 2010, 4:10:03 PM1/26/10
to
so the question still is: how can I set ulimit to be permanent? e.g.:
10240 after reboot? :D

there's no way for it?:O

Stephen Powell

unread,
Jan 26, 2010, 4:50:01 PM1/26/10
to
On 2010-01-26 at 15:53:37 -0500, Vadkan Jozsef wrote:
> so the question still is: how can I set ulimit to be permanent? e.g.:
> 10240 after reboot? :D
>
> there's no way for it?:O

I believe that Alex and I just told you, in effect.
But if you need detailed instructions, OK. :-(

First of all, it depends on whether you want this limit changed for
all users, all users of a group, or just one user, such as a database
server's userid. I'll give you an example for a single user.
I hope you can adapt these instructions if that's not the case.
Let's suppose that user "database" needs to be able to open up to
10240 files at once.

In /etc/security/limits.conf, add the following line:

database hard nofile 10240

In /home/database/.bash_profile add the following line:

ulimit -n 10240

Now shutdown and reboot. Now, whenever "database" logs in, his
file limit will be 10240. This assumes that the login shell for
database is bash. Of course, if a daemon needs these
privileges, this won't work, since there is no interactive
login shell. You may need to modify the daemon's start-up script
in this case to add the ulimit command.

If you want the limit to apply to all users, edit /etc/profile
instead of ~/.bash_profile. And in /etc/security/limits.conf,
substitute an asterisk (*) for the userid "database". Again,
this assumes an interactive login shell of bash. Daemons, since they don't
have an interactive login shell, won't execute that ulimit
command. You'll have to find a place to put it. The startup
script in /etc/init.d might be a good place. But watch for
upgrades to the startup script which remove the modification.
If someone else has a better idea for how to implement this,
let me know.

Stephen Powell

unread,
Jan 26, 2010, 5:10:01 PM1/26/10
to
On 2010-01-26 at 16:44:33 -0500, Stephen Powell wrote:
> In /etc/security/limits.conf, add the following line:
>
> database hard nofile 10240
>
> In /home/database/.bash_profile add the following line:
>
> ulimit -n 10240

I just thought of another way, which I think is even better.
In /etc/security/limits.conf, add *two* lines, in this order:

database hard nofile 10240
database soft nofile 10240

That way, you don't have to mess with a bash profile. And it
should affect daemons too, without modifying their startup
scripts. If you want the change to affect all users, change
the word "database" to an asterisk (*). If you want it to
affect all members of a group, use an "at sign" (@) in front
of the group name, such as @sys.

Vadkan Jozsef

unread,
Jan 26, 2010, 7:10:06 PM1/26/10
to
i wrote this two lines:


* hard nofile 10240
* soft nofile 10240

in /etc/security/limits.conf, reboot
but its now working.

Stephen Powell

unread,
Jan 26, 2010, 7:50:01 PM1/26/10
to
On 2010-01-01 at 19:04:22 -0500, Vadkan Jozsef wrote:
> i wrote this two lines:
>
> * hard nofile 10240
> * soft nofile 10240
>
> in /etc/security/limits.conf, reboot
> but its now working.

That does not make sense. Do you mean "and it's now working",
or do you mean "but it's not working"?

The asterisk does start in column 1 of the file, right?
And there's no pound sign (#) in front of it, right?
The lines which start with a pound sign are comments.
The default version of this file is either blank lines
or comments; there are no effective lines in it.

Vadkan Jozsef

unread,
Jan 27, 2010, 1:20:01 AM1/27/10
to
sorry:D

i wanted to write: it's not working. :\

Alex Samad

unread,
Jan 27, 2010, 3:50:02 AM1/27/10
to
On Wed, Jan 27, 2010 at 07:15:19AM +0100, Vadkan Jozsef wrote:
> sorry:D
>
> i wanted to write: it's not working. :\


what happens when you type ulimit -a


plus you need

# Sets up user limits according to /etc/security/limits.conf
# (Replaces the use of /etc/limits in old login)
session required pam_limits.so

in your /etc/pam.d/login file


>
>
> On k, 2010-01-26 at 19:42 -0500, Stephen Powell wrote:
> > On 2010-01-01 at 19:04:22 -0500, Vadkan Jozsef wrote:
> > > i wrote this two lines:
> > >
> > > * hard nofile 10240
> > > * soft nofile 10240
> > >
> > > in /etc/security/limits.conf, reboot
> > > but its now working.
> >
> > That does not make sense. Do you mean "and it's now working",

[snip]

signature.asc
0 new messages