Posted on October 6, 2023 by nexonhost
How To Use Ulimit Command In Linux.
ulimit is a built-in Linux shell command that allows viewing or limiting system resource amounts that individual users consume. Limiting resource usage is valuable in environments with multiple users and system performance issues.
What Is limits.conf?
The limits.conf file is a configuration file that defines the system resource allocation settings ulimit uses. The full path to the configuration file is /etc/security/limits.conf.
Changing the values in the file persist after system reboot. Superuser permissions are required for editing the limits.conf file.
The first section of the limits.conf file looks like this:
ulimit, Soft Limit, and Hard Limit in Linux Explained
The following sections explain the ulimit syntax and the difference between two resource limitation types – a soft limit and hard limit.
ulimit Syntax
The ulimit command takes the following general syntax:
ulimit [flags][limit]
For example, to set the physical memory size in kilobytes, enter:
ulimit -m 15000
Flags
Use the ulimit flags to view or limit individual values for various system resources. When a [limit] is given, it is the new value of the specified resource.
The available flags are:
Flag | Description |
---|---|
-H | The hard limit for the given resource. Only root users can raise the hard limit, and any process can lower it. |
-S | The soft limit for the given resource. Any process can change the soft limit. |
-a | Lists all current resource limits. |
-b | The maximum socket buffer size. |
-c | The core dump size, expressed in the number of 512-byte blocks. |
-d | The data area size, in kilobytes. |
-e | The highest process scheduling priority (nice). |
-f | The file size limit in blocks when using the [limit] parameter. Not specifying a [limit] instructs the command to report the file size limit. |
-i | The pending signal number limit. |
-k | The queue allocation number limit. |
-l | The maximum size allowed for locking in memory. |
-m | The physical memory size, in kilobytes. |
-n | The maximum number of file descriptors that a process can have. |
-p | The pipe buffer size. |
-P | The maximum number of pseudoterminals. |
-q | The maximum number of bytes in POSIX message queues. |
-r | The maximum number of threads a process can have. |
-R | The maximum process running time, expressed in microseconds. |
-s | The stack size, in kilobytes. |
-t | Specifies a process’ maximum running time, in seconds. |
-T | The thread number limit. |
-u | Specifies how many processes a user can create. |
-v | The maximum virtual memory available for processes. |
-x | The maximum number of file locks. |
[limit] Parameter
Adding a [limit] passes the new value for the specified resources. When omitted, the command prints the current soft limit value for the specified resource, unless you specify the -H flag.
The limit applies to both the soft and hard limit if neither the -H nor -S flags are specified.
Exit Values
The ulimit command has two exit values:
0. Marks a successful completion.
>0. A request for a higher limit was rejected or an error occurred.
Soft Limit
The soft resource limits are kernel-enforced values for the corresponding resource. The soft limit is manageable by any user, and its maximum value cannot exceed the hard limit. The hard limit acts as a ceiling for the soft limit.
To view the detailed soft limits for the current user, run:
ulimit -Sa
Hard Limit
The hard resource limit defines physical resource limit for a user. At the same time, the hard limit is the maximum value for soft limit. Only root users are allowed to change the hard limit.
To view the detailed hard limits for the current user, run:
ulimit -Ha
How to Use ulimit
Run the ulimit command by entering the command name in the terminal:
ulimit
The following sections lists the most common uses of the ulimit command.
Detailed Limit Report
Get a detailed report with all resource limits for the current user by specifying the -a
flag:
ulimit -a
The output contains a detailed report about the resource limits for the current user.
Limit Process Number
Limit a user’s maximum process number by specifying the -u flag and the number of processes.
For example, we will limit the process number to 10:
ulimit -u 10
Restricting the maximum process number per user prevents them from using up all the system’s resources. Limiting the process number also prevents the adverse effects of potential attacks such as fork bomb.
Limit File Size
The -f flag sets the maximum file size that a user can make. For example, the following command limits the file size to 50KB:
ulimit -f 50
Test if the limit works by creating a larger file. For example, we used the cat command to redirect the /dev/zero output to a file, which would be much larger than 50KB.
The output states that the file size limit has been exceeded. Check the file size by running:
ls -lh file
Limit Maximum Virtual Memory
Use the -v flag to set the maximum virtual memory amount available to a process. Limiting a process’ virtual memory stops it from using up all the memory and prevents thrashing.
For example, the following command limits the virtual memory available for a process to 1000KB:
ulimit -v 1000
Limit the Number of Open Files
The -n flag limits the number of simultaneously opened files (file descriptors). The following example sets the number of open files to five:
ulimit -n 5
Edit limits.conf file to Change Soft or Hard Limit
To change the soft or hard limit, edit the values in the limits.conf file.
Follow the steps below:
Open a terminal window and change the directory to
/etc/security:
cd /etc/security
Open the
limits.conf file using a text editor, such as the vim editor.
vim limits.conf
Change the limit values by editing the existing entries or adding a new one. Each limitation entry has four parts:
<domain>. Defines a user, a group, or contains a wildcard (
*
or%
).<type>. Accepts two values – soft or hard.
<item>. Accepts any of the values listed in the configuration file.
<value>. An integer value expressed in a unit associated with <item>.
Make sure to uncomment the line when editing the config file.
Conclusion
You now know how to use the ulimit command to prevent users, buggy commands, or programs from utilizing an excessive system resource amount. Unlimited resource use in a shared environment impacts other users’ experience, so the best way to prevent it is to set appropriate limits.