how do i set hard and soft file limits for a non-root user at boot?
/etc/security/limits.conf file is processed by the pam_limits
PAM module and is used to assign resource limits for a user session. These will be applied only when PAM and the pam_limits
module is used during the session setup.
In your system the su
utility may be not configured to use the pam_limits
module (see the /etc/pam.d/su.conf
file) or uses it only when creating a new login session (called with a -
, -l
or --login
option).
Try using
su - nobody -c 'ulimit -Hn'
or adding
session required pam_limits.so
To /etc/pam.d/su
or/and /etc/pam.d/su-l
.
It may also be the case, that your su
utility is not compiled with PAM support at all. In such case it will never use the limits.conf
file.
Related videos on Youtube
incognito2
Updated on September 18, 2022Comments
-
incognito2 over 1 year
I have a xen HVM vps and I'm trying to raise the hard and soft file limits for nobody at boot time. I'm using Ubuntu 10.04.3 and inside /etc/security/limits.conf I have:
nobody soft nofile 10000 nobody hard nofile 30000
But when I check the file limits are still the default 1024:
su nobody -c 'ulimit -Hn' 1024 su nobody -c 'ulimit -Sn' 1024
What is the right way of raising the file limits for Ubuntu?
-
incognito2 over 12 yearsI tried using su - nobody -c 'ulimit -Hn' but it says 1024. What does this mean for the user nobody and nginx? That there aren't really any file limits and this tweak isn't necessary?
-
Paul Homes about 12 yearsI ran into a similar problem when trying to run a service (JBoss) on Ubuntu 10.04 as a non-root user and getting lots of "too many open files" exceptions. I had already increased the nofiles limit which was verified with a normal login shell but it was not taking effect for any services started as a non-root user via su in an init script. I found that "su --login" still didn't pick up the increased nofiles limit even though pam_limits was uncommented in /etc/pam.d/login. I had to uncomment the pam_limits line in /etc/pam.d/su before it worked. It seems to me that /etc/pam.d/su applies to "su -