Resource limits¶
Linux systems employ limiting or quota mechanisms to provide quality of service for system resources and contain rogue processes.
These limits are layered at the system-level and user-level. If these limits need to be modified, it is useful to understand the different limit configurations.
System-wide limits¶
Some global resource limits are implemented in the Linux kernel and are controllable with kernel parameters.
For example, a global limit for the maximum number of open files is set with the fs.file-max parameter. This limit applies to all processes and users an cannot be exceeded other limit values.
Checking limit¶
You can check a current value with sysctl -n <PARAMETER>. For example:
sysctl -n fs.file-max
This fs.file-max value is set intentionally high on Clear Linux OS systems by default. You can check the maximum value supported by the system with:
cat /proc/sys/fs/file-max
Overriding limit¶
You can override a value with sysctl -w <PARAMETER>. For example:
sudo sysctl -w fs.file-max=<NUMBER>
If needed permanently, the value can be set by creating a
/etc/sysctl.d/*.conf file (see man sysctl.d for details).
For example:
sudo mkdir -p /etc/sysctl.d/
sudo tee /etc/sysctl.d/fs-file-max.conf > /dev/null <<'EOF'
fs.file-max=<NUMBER>
EOF
Per-user limits¶
For processes not managed by systemd, resource limits can be set for PAM
logins on a per-user basis with upper and lower limits in the
/etc/security/limits.conf file.
You can set temporary values and check the current values with the ulimit command. For example, to change the soft limit of maximum number of open file descriptors for the current user:
ulimit -S -n <NUMBER>
See man limits.conf for details.
Service limits¶
Resource limits for services started with systemd units do not follow normal user limits because the process is started in a separate Linux control group (cgroup) Linux cgroups associate related process groups and provide resource accounting.
Resource limits for individual systemd services can be controlled inside their unit files or its configuration drop-in directory with the resource Limit directives. See process properties section of the systemd.exec man page.
Resource limits for all systemd services can be controlled with a file in the
/etc/systemd/system.conf.d/ directory. For example, to have no
restriction on the number of open files:
sudo mkdir -p /etc/systemd/system.conf.d/
sudo tee /etc/systemd/system.conf.d/50-nfiles.conf > /dev/null <<'EOF'
[Manager]
DefaultLimitNOFILE=infinity
EOF