File descriptor limits in /etc/system vs /etc/sysctl.conf vs /etc/security/limits.conf on Solaris
Parameters rlim_fd_cur
and rlim_fd_max
in /etc/system
are no longer recommended with Solaris 10 and forward. It should be used the resource control process.max-file-descriptor
instead, which replaces the replaces the System V interprocess communication. The adventaje is that server reboot is no longer necessary and you can use projects withouth affecting other processes.
Then to change the hard limit for the project user.root
it is necessary to also set the privilege level priv (the hard limit) like the following command:
# projmod -s -K "process.max-file-descriptor=(priv,4096,deny)" user.root
To change the soft limit for project user.other
it is necessary to also set the privilege level like:
$ projmod -s -K "process.max-file-descriptor=(basic,1024,deny)" user.other
Projects can be found in the /etc/project
file.
This is an example of projadd
(to create) and projmod
(to set):
# useradd test
# projadd -c "Test" 'user.test'
# projmod -s -K "project.max-shm-memory=(privileged,6GB,deny)" 'user.test'
# projmod -s -K "process.max-file-descriptor=(basic,1024,deny)" user.test
# cat /etc/project|grep -i test
user.test:101:Test:::process.max-file-descriptor=(basic,1024,deny);project.max-shm-memory=(privileged,6442450944,deny)
#
projadd
and projmod
are persistent values. For non-persistent values you should use prctl
command.
Example:
# prctl -n project.max-shm-memory -v 8gb -r -i project default
# prctl -n project.max-shm-memory -i project default
project: 3: default
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT
project.max-shm-memory
usage 8.49MB
privileged 8.00GB - deny -
system 16.0EB max deny -
/etc/security/limits.conf
and /etc/sysctl.conf
are Linux files.
limits.conf
sets limits on the system resources in a user-session in the pam_limits
PAM module. --> This is similar to projmod
.
sysctl.conf
is the file that sysctl
uses to modify kernel parameters at runtime. --> This is similar to modify the /etc/system
.
If the user has not restrictions on limits.conf
the default values are taken from:
Kernel: init
process
Inherited: parent process (vendors configurations are in /usr/lib/sysctl.d/
)
PAM: limits.conf
(can replace Kernel and Inherited )
Process by itself (can replace PAM, Kernel and Inherited, "getrlimit
, setrlimit
, prlimit
- get/set resource limits").
Changes in limits.conf
and sysctl.conf
are persistent.
To set limits for an individual user you must edit limits.conf
file.
Like:
{account} soft as size (KB)
{account} hard as size (KB)
Example:
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
Reboot is not necessary for limits.conf modification, but the new parameters will apply just to the new sessions.
If you want modify a running process you should use prlimit
.
Like:
prlimit --pid <pid> --<limit>=<soft>:<hard>
Example:
prlimit --pid 12345 --nofile=1024:2048
Related videos on Youtube
GP92
Updated on September 18, 2022Comments
-
GP92 almost 2 years
Let me explain first what I understood.
In Solaris 10,
rlim_fd_max
andrlim_fd_cur
in/etc/system
set the hard and soft limits at the system level.And
/etc/security/limits.conf
sets the limits forlogin
, right? So for a user it overwrites the limits set by/etc/system
. If limits are not set in/etc/security/limits.conf
, the user will have the values in/etc/system
right?So, what is
/etc/sysctl.conf
for?On my Solaris 10, I don't have either
sysctl.conf
, orlimits.conf
. In this case how can I set limits on individual user that are persisted after reboot? Any other mechanism than setting them inprofile
?-
MusiGenesis about 9 years
sysctl.conf
is for Linux, not Solaris. Did you see a reference to it being used on Solaris somewhere? -
GP92 about 9 years@alanc yes, in oracle documentation about tuning, it is mentioned.
-
MusiGenesis about 9 yearsIt is mentioned for Solaris or for Linux? I only see it in reference to Linux platforms.
-
GP92 about 9 yearsOh yes..i always do miss these side headings..thank you..and anyhow its everything clear now!
-