Understand what is ulimit? How to set it? Which all system resources can be limited using ulimit control? and how to view current ulimit settings.
In this article, we are going to see everything about bash built-in
ulimit value. This is your key to keep the system safe from fork bombs or malicious codes aimed at hung systems by crunching resources.
What is ulimit?
It can roughly be called as user limit! Using this value you are limiting shell and its forked processes to use certain defined system resources. This helps in managing system resources and in turns processes efficiently. Using
ulimit you can make sure that all important processes on server always get resources while least important once cant hog more than what they should get. There are different parameters can be defined under
ulimit umbrella which we will see ahead.
To view your current
ulimit setting run below command :
# ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 95174 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 1024 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited
As you can see in above output, left column denotes parameters which can be limited using ulimit, along with their measuring unit and option to be used in braces and the last column shows current set value.
ulimit controlled parameters :
See below list of parameters which can be limit using ulimit and their details. The list is from man page and parameters are self-explanatory. Since this is bash built in; when you check manpage, you will see all bash commands. You have to scroll that man page all the way to bottom (since its alphabetically sorted) to get to
ulimit section. There you will find these parameters.
Different ulimit parameters
|All current limits are reported|
|The maximum socket buffer size|
|The maximum size of core files created|
|The maximum size of a process’s data segment|
|The maximum scheduling priority (“nice”)|
|The maximum size of files written by the shell and its children|
|The maximum number of pending signals|
|The maximum size that may be locked into memory|
|The maximum resident set size (many systems do not honor this limit)|
|The maximum number of open file descriptors (most systems do not allow this value to be set)|
|The pipe size in 512-byte blocks (this may not be set)|
|The maximum number of bytes in POSIX message queues|
|The maximum real-time scheduling priority|
|The maximum stack size|
|The maximum amount of cpu time in seconds|
|The maximum number of processes available to a single user|
|The maximum amount of virtual memory available to the shell|
|The maximum number of file locks|
|The maximum number of threads|
To set specific parameter limit values, you can issue the command :
# ulimit -option <value>
Once done, it will limit this parameter for the current shell (shell from where the command was run) and it’s all forked processes. More efficient way to implement limits is through profiles which are discussed next.
How to setup ulimit :
Most common use in corporate Infra is for database servers. Since we all know that DB is resource hungry application. So many times ulimits specified to it in terms of
-n etc. This setting is done in DB owner user id like Oracle’s (user id with which DB application runs on the server)
.bash_profile in its home or
/etc/profile or through custom scripts which loads when DB starts. Find below code snippet which can be used in
if [ $USER = "oracle" ] || [ $USER = "oradb" ]; then if [ $SHELL = "/bin/ksh" ]; then ulimit -p 16384 ulimit -n 65536 else ulimit -u 10000 -n 35000 fi fi
Whenever users logged in,
/etc/profile gets executed. It checks if the user is oracle or oradb and if yes with ksh shell, it sets respective ulimits values for it!
This ensures parameters are set for that user’s shell when DB application starts in user’s shell. Since,
ulimit limits resources for shell and its forked processes, these values get imposed for DB apps running under that user’s shell!