File descriptor limits in /etc/system vs /etc/sysctl.conf vs /etc/security/limits.conf on Solaris

The parameters rlim_fd_cur and rlim_fd_max in /etc/system are no longer recommended from Solaris 10 onward. The resource control process.max-file-descriptor should be used instead, which replaces the System V interprocess communication. The advantage is that a server reboot is no longer necessary and you can use projects without affecting other processes.

Then, to change the hard limit for the project user.root, it is necessary to also set the privilege level priv (the hard limit), as in the following command:

# projmod -s -K "process.max-file-descriptor=(priv,4096,deny)" user.root

To change the soft limit for the project user.other, it is necessary to also set the privilege level, like:

$ projmod -s -K "process.max-file-descriptor=(basic,1024,deny)" user.other

Projects can be found in the /etc/project file.

This is an example of projadd (to create) and projmod (to set):

# useradd test
# projadd -c "Test" 'user.test'
# projmod -s -K "project.max-shm-memory=(privileged,6GB,deny)" 'user.test'
# projmod -s -K "process.max-file-descriptor=(basic,1024,deny)" user.test
# cat /etc/project|grep -i test
user.test:101:Test:::process.max-file-descriptor=(basic,1024,deny);project.max-shm-memory=(privileged,6442450944,deny)
#

projadd and projmod set persistent values. For non-persistent values you should use the prctl command.

Example:

# prctl -n project.max-shm-memory -v 8gb -r -i project default 
# prctl -n project.max-shm-memory -i project default 
project: 3: default 
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT 
project.max-shm-memory 
usage 8.49MB 
privileged 8.00GB - deny - 
system 16.0EB max deny - 

/etc/security/limits.conf and /etc/sysctl.conf are Linux files.

limits.conf sets limits on the system resources in a user session through the pam_limits PAM module. This is similar to projmod.

sysctl.conf is the file that sysctl uses to modify kernel parameters at runtime. This is similar to modifying /etc/system.

If the user has no restrictions in limits.conf, the default values are taken from:

  • Kernel: init process
  • Inherited: parent process (vendor configurations are in /usr/lib/sysctl.d/)
  • PAM: limits.conf (can replace Kernel and Inherited)
  • Process by itself (can replace PAM, Kernel and Inherited; "getrlimit, setrlimit, prlimit - get/set resource limits")

Changes in limits.conf and sysctl.conf are persistent.

To set limits for an individual user you must edit the limits.conf file, like:

{account} soft as size (KB)
{account} hard as size (KB)

Example:

oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536

A reboot is not necessary for a limits.conf modification, but the new parameters will apply only to new sessions.

If you want to modify a running process you should use prlimit, like:

prlimit --pid <pid> --<limit>=<soft>:<hard>

Example:

prlimit --pid 12345 --nofile=1024:2048

Author: GP92

Updated on September 18, 2022
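To check which projects actually carry the hard (privileged) descriptor limit described in the answer above, as opposed to only a basic one, the /etc/project entries can be audited with a short script. This is an added example, not part of the original answer: the function names and the sample file are constructed, and it assumes the colon-separated layout shown in the answer's `cat /etc/project` output, with the privilege level written as either `priv` or `privileged`.

```shell
# Added example: audit process.max-file-descriptor in a Solaris project file.
# Assumed field layout: name:id:comment:users:groups:attributes
audit_fd_rctl() {
    # $1: project file to read, or "-" for stdin (defaults to /etc/project)
    awk -F: '
    /^[ \t]*#/ || /^[ \t]*$/ { next }       # skip comments and blank lines
    {
        basic = "-"; priv = "-"
        n = split($6, attrs, ";")           # attributes are ";"-separated
        for (i = 1; i <= n; i++) {
            if (attrs[i] !~ /^process\.max-file-descriptor=/) continue
            vals = attrs[i]
            sub(/^[^=]*=/, "", vals)        # leaves "(level,value,action),..."
            m = split(vals, parts, /[()]/)  # one element per parenthesised tuple
            for (j = 1; j <= m; j++) {
                if (split(parts[j], t, ",") < 3) continue
                if (t[1] == "basic") basic = t[2]
                else if (t[1] == "priv" || t[1] == "privileged") priv = t[2]
            }
        }
        # A basic value can be changed by the process owner; only a
        # privileged value acts as a cap the user cannot raise.
        if (priv != "-")       status = "hard-capped"
        else if (basic != "-") status = "soft-only"
        else                   status = "unset"
        printf "%s basic=%s privileged=%s %s\n", $1, basic, priv, status
    }' "${1:-/etc/project}"
}

# Constructed sample in /etc/project format (not from a real host).
sample_projects() {
    cat <<'EOF'
system:0::::
user.root:1::::process.max-file-descriptor=(priv,4096,deny)
default:3::::
user.other:100::::process.max-file-descriptor=(basic,1024,deny)
user.test:101:Test:::process.max-file-descriptor=(basic,1024,deny);project.max-shm-memory=(privileged,6442450944,deny)
user.app:102:App:::process.max-file-descriptor=(basic,1024,deny),(privileged,8192,deny)
EOF
}

sample_projects | audit_fd_rctl -
```

Projects reported as `soft-only` or `unset` have no privileged descriptor cap of their own in the file, so their processes fall back to whatever limit they inherit.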

Comments

  • GP92
    GP92 almost 2 years

    Let me explain first what I understood.

    In Solaris 10, rlim_fd_max and rlim_fd_cur in /etc/system set the hard and soft limits at the system level.

    And /etc/security/limits.conf sets the limits for login, right? So for a user it overwrites the limits set by /etc/system. If limits are not set in /etc/security/limits.conf, the user will have the values in /etc/system right?

    So, what is /etc/sysctl.conf for?

    On my Solaris 10, I don't have either sysctl.conf or limits.conf. In this case, how can I set limits on an individual user that are persisted after reboot? Any other mechanism than setting them in profile?

    • MusiGenesis
      MusiGenesis about 9 years
      sysctl.conf is for Linux, not Solaris. Did you see a reference to it being used on Solaris somewhere?
    • GP92
      GP92 about 9 years
      @alanc yes, in Oracle documentation about tuning, it is mentioned.
    • MusiGenesis
      MusiGenesis about 9 years
      It is mentioned for Solaris or for Linux? I only see it in reference to Linux platforms.
    • GP92
      GP92 about 9 years
      Oh yes..I always do miss these side headings..thank you..and anyhow it's everything clear now!