Understand what is ulimit? How to set it? Which all system resources can be limited using ulimit control? and how to view current ulimit settings.
In this article we are going to see everything about bash built in
ulimit value. This is your key to keep system safe from fork bombs or malicious codes aimed to hung systems by crunching resources.
What is ulimit?
It can roughly called as user limit! Using this value you are limiting shell and its forked processes to use certain defined system resources. This helps in managing system resources and in turns processes efficiently. Using
ulimit you can make sure that all important processes on server always gets resources while least important onces cant hog more than what they should get. There are different parameters can be defined under
ulimit umbrella which we will see ahead.
To view your current
ulimit setting run below command :
# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 95174
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 1024
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
As you can see in above output, left column denotes parameters which can be limited using ulimit, along with their measuring unit and option to be used in braces and last column shows current set value.
ulimit controlled parameters :
See below list of parameters which can be limit using ulimit and their details. List is from man page and parameters are self explanatory. Since this is bash built in; when you check manpage, you will see all bash commands. You have to scroll that man page all the way to bottom (since its alphabetically sorted) to get to
ulimit section. There you will find these parameters.
To set specific parameter limit values, you can issue command :
# ulimit -option <value>
Once done, it will limit this parameter for current shell (shell from where command was ran) and its all forked processes. More efficient way to implement limits is through profiles which is discussed next.
How to setup ulimit :
Most common use in corporate Infra is for database servers. Since we all know that DB is resource hungry application. So many times ulimits specified to it in terms of
-n etc. This setting is done in DB owner user id like oracle’s (user id with which db application runs on server)
.bash_profile in its home or
/etc/profile or through custom scripts which loads when DB starts. Find below code snippet which can be used in
if [ $USER = "oracle" ] || [ $USER = "oradb" ]; then
if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 65536
ulimit -u 10000 -n 35000
Whenever users logged in,
/etc/profile gets executed. It checks if user is oracle or oradb and if yes with ksh shell, it sets respective ulimits values for it!
This ensures parameters are set for that user’s shell when DB application starts in user’s shell. Since
ulimit, limits resources for shell and its forked processes, these values gets imposed for DB apps running under that user’s shell!