Changes to /etc/security/limits.conf and /etc/security/limits.d/20-nproc.conf have no effect
Solution 1
The error might occurs due to many reasons.
First of all, Use the following command command to display maximum number of open file descriptors:
$ cat /proc/sys/fs/file-max
Let's pretend the output was 4096, what does it mean? It means, 4096 files a normal user can have open in single login session, you can also display it by checking its Hard and Soft limits by using the commands as follows:
$ ulimit -Hn
$ ulimit -Sn
The number of concurrently open file descriptors throughout the system can be changed by editing /etc/sysctl.conf
. You can increase the maximum number of open files by setting system-wide file descriptors limits as a new value in kernel variable in /proc/sys/fs/file-max
as follows:
$ sysctl -w fs.file-max=200000 #it forces the limit to 200000 files
Then you should edit /etc/sysctl.conf
file so that after reboot the setting will remain as you wished. To do so, add the following lines:
$ fs.file-max = 200000
No need to log out and log back in again, just type:
$ sysctl -p
Then you can verify changes by:
$ cat /proc/sys/fs/file-max
OR
$ sysctl fs.file-max
Then for changing Soft and Hard limits for users, it's better to login as root since a normal user can only change its Soft limit, Hard limits are managed by root. As You've mentioned, for doing it as root you should change User Level File-Discriptor (FD) in /etc/security/limits.conf
. For instance if it's for Oracle user:
oracle soft nofile 4096
oracle hard nofile 63536
For seeing the changes, you do not need to reboot, just reloging via sudo -i
and check if it works or not, so you can make sure what the problem is.
And for users without login, you should do the following as root:
$ sudo -i -u <user>
BTW, you may be in need of editing /etc/pam.d/login file and add the following line:
$ session required pam_limits.so
pam_limit.so
in /etc/pam.d/login means at login time but no on sudo while /etc/pam.d/sudo
limits will also be applied when running sudo without "-i", you may also need apply the above changes in /etc/pam.d/system-auth depending on your needs. I recommend you read about PAM modules.
BTW, for instant applying limits to currently running processes you should do the following additionally to changing /etc/security/limits.conf
:
$ prlimit
I recommend you read this article from RedHat, since you may face with:
On some Linux systems setting "hard" and "soft" limits in the following examples might not work properly when you log in as user oracle via SSH. It might work if you log in as root and su to oracle. If you have this problem try to set UsePrivilegeSeparation to "no" in /etc/ssh/sshd_config and restart the SSH daemon by executing service sshd restart. The privilege separation does not work properly with PAM on some Linux systems. Make sure to talk to the people in charge of security before disabling the SSH security feature "Privilege Separation".
I hope I could help. Good luck.
Solution 2
You may need check profile of someuser. When someuser login. profile can change its ulimit. Files to be check: /etc/profile /etc/bashrc ~someuser/.bash_profile ~someuser/.bashrc
Related videos on Youtube
LukLed
Updated on September 18, 2022Comments
-
LukLed almost 2 years
I have a class:
public class Company { public System.Guid Id { get; set; } public Nullable<System.Guid> CreatedById { get; set; } public virtual Users CreatedBy { get; set; } }
I am adding new object of
Company
class to context and settingCreatedById
field:var newCompanyId = Guid.NewGuid(); var company = new Company(); company.Id = newCompanyId; company.CreatedById = someId; Context.Set<Company>().Add(company);
Then I am using the same context to retrieve company:
var retrievedCompany = Context.Set<Company>().FirstOrDefault(item => item.Id == newCompanyId);
retrievedCompany
has typeCompany
and it is not dynamic proxy, so navigation property calledCreatedBy
does not work.Is it possible to get proxy instead?
-
ocuenca about 9 yearsDo you don't turn off proxy creation:
context.Configuration.ProxyCreationEnabled = false;
-
Stephen Harris almost 8 yearsHow are you logging in?
-
Sam in MA almost 8 yearsLogging in via SSH -- this is an Openstack VM running in a private cloud -- as user someuser. Editing the two mentioned config files using sudo.
-
Stephen Harris almost 8 yearsAre you using passwords or SSH keys?
-
Sam in MA almost 8 yearsSSH key (PEM file)
-
Nemo over 6 years
-
Mark Norgren almost 6 yearsI just burned several hours tracing something similar. The answer was revealed by running
strace
on the process, as suggested by the fine folks at serverfault.com/questions/569288/…
-
-
Sam in MA almost 8 yearsHere's what I have right now: $ cat /proc/sys/fs/file-max 100000 $ grep "fs.file-max" /etc/sysctl.conf fs.file-max = 100000 $ /opt/diagnostics/PerfTest/ ulimit -n 4096 --Sam
-
Sam in MA almost 8 yearsAlso added
session required pam_limits.so
to /etc/pam.d/login, logged out and back in, no change. -
Matthias Menzel almost 8 years@SaminMA You should change your
ulimit
yourself, I just said how you should increase your fs.file-max so it will allow you to change your hard limit. -
Sam in MA almost 8 yearsI can not change the ulimit for files (nofile) -- that's the entire point of my question. Despite having edited the 2 files mentioned in the title, and now also /etc/sysctl.conf and /etc/pam.d/login, per your suggestions, I still can not change the ulimit for files.
-
Mark Norgren almost 6 yearsModifying
/etc/pam.d/login
should be unnecessary, becauselogin
includes the common filesystem-auth
(as do many other files in/etc/pam.d
), and the latter actually requirespam_limits.so
. -
Miguel Mota about 4 yearsI was going crazy for hours trying to figure it out. Your answer was spot on. Thanks