If you are working in a shared Linux environment it is crucial to manage system resources. If you don’t and something happens to one user account it could end up using more resources than expected causing degraded performance for everyone else using the server. One way to limit system resources is to use the ulimit command.
In this blog post, we will explore the ulimit command from what type of resources it can limit, syntax, examples, and more.
What Is Ulimit?
The ulimit command in Linux allows users and system administrators to set resource limits to shell and processes started from shell processes. Ulimit includes two types of limits, soft and hard limits below we will discuss the differences.
Soft Limits
Soft limits can be set as a default or be set by the user. These limits can be changed within the bounds of the hard limit.
Generally, when a process reaches the ser soft limit a warning may be displayed and it will also be logged in the system logs on systems systems this would be the systems journal.
Note: In certain configurations, it may be possible that applications may be terminated after the soft limit. Make sure to test this before relying on expected behavior.
Hard Limits
Hard Limits are the absolute cap for resource usage, set by the system administrator, and cannot be changed by anyone else.
When a process reaches the limit the application/shell will be terminated and logged to system logs.
How To Check Ulimit
To check what is set in ulimit use the following command:
ulimit -a
The Results will look something like the image below:
Ulimit User Syntax
Ulimit can limit quite a few different resources from the max file size, CPU time, and Memory to name a few.
Below is the list of flags as shown by ulimit –help command.
-S use the `soft’ resource limit
-H use the `hard’ resource limit
-b the socket buffer size
-c the maximum size of core files created
-d the maximum size of a process’s data segment
-e the maximum scheduling priority (`nice’)
-f the maximum size of files written by the shell and its children
-i the maximum number of pending signals
-k the maximum number of kqueues allocated for this process
-l the maximum size a process may lock into memory
-m the maximum resident set size
-n the maximum number of open file descriptors
-p the pipe buffer size
-q the maximum number of bytes in POSIX message queues
-r the maximum real-time scheduling priority
-s the maximum stack size
-t the maximum amount of cpu time in seconds
-u the maximum number of user processes
-v the size of virtual memory
-x the maximum number of file locks
-P the maximum number of pseudoterminals
-R the maximum time a real-time process can run before blocking
-T the maximum number of threads
Practical User Ulimit Examples
As a user, you want to set the open file limit to 1000 (for the current shell session).
ulimit -n 1000
You want to limit the memory usage per process to 500 MB (for the current shell session).
ulimit -v 500000
You want to set a CPU time limit per process to 5 minutes (for the current shell session).
ulimit -t 300
Note: Using this same syntax you can even set resource limits on your shell scripts.
How To Set Resource Limit As An Administrator
Administrators can set resource limits via /etc/security/limits.conf or in some cases files in /etc/security/limits.d/.
To confirm if you can use .d files check the contents of /etc/security/limits.conf as it should have a comment letting you know.
For the sake of this example we will make any changes in /etc/security/limits.conf.
When adding an entry the formatting will be as follows:
#<domain> <type> <item> <value>
- <domain>: will be username, group, or a wildcard
- <type>: will be either soft or hard for the limit type
- <item>: will be one from the below list
core – limits the core file size (KB)
data – max data size (KB)
size – maximum filesize (KB)
memlock – max locked-in-memory address space (KB)
nofile – max number of open file descriptors
rss – max resident set size (KB)
stack – max stack size (KB)
cpu – max CPU time (MIN)
nproc – max number of processes
as – address space limit (KB)
maxlogins – max number of logins for this user
maxsyslogins – max number of logins on the system
priority – the priority to run user process with
locks – max number of file locks the user can hold
sigpending – max number of pending signals
msgqueue – max memory used by POSIX message queues (bytes)
nice – max nice priority allowed to raise to values: [-20, 19]
rtprio – max realtime priority
- <value>: will the value of the limit we want to set
Practical Administrator Ulimit Examples
To set a process limit for the user John of 100 append to /etc/security/limits.conf.
john hard nproc 100
To set a cpu limit for the developer group to 5 minutes append to /etc/security/limits.conf.
@developer hard cpu 5
To set a soft limit of the number of open file descriptors to 1000 append to /etc/security/limits.conf.
* soft nofile 1000
Wrapping Up
If you find yourself in need of tools to limit resource usage ulimit may be what you need. In this post, we have discussed the ulimit command, starting with the differences between soft and hard limits. Wrapping things up discussing flags and what ulimit can limit to some practical examples with that information.
Additional Reading
For further information check out these resources.
- Check out the man page using the man ulimit command or an online man page.
- The /etc/security/limits.conf file directly as it should have comments though if it doesn’t the Arch Wiki is a good reference.
Embracing a lifelong passion for technology since childhood, CJ delved into the intricate workings of systems, captivated by the desire to understand the unknown. This innate curiosity led to his discovery of Linux, a revelation that resonated deeply. With more than 7 years of on the job experience, he’s honed his technical skills as a Geek and Senior Linux Systems Administrator.
Leave a Reply