In this article we discuss the ulimit Linux command which is used to display and control the allocation of system resources such as RAM, disk space, processing power etc.
Table of contents.
- limits.conf file..
Linux is a multiuser system and therefore it is important for system admins to make sure that system resources are used appropriately.
With this command we can enforce control at the global, group or user level furthermore we can also prevent unwanted processes and users from consuming a lot of system resources.
The syntax is as follows,
To get started we create a test account,
$ sudo adduser alice # confirm account creation $ cat /etc/passwd | grep alice
To display limits for alice, write,
ulimit -a alice
Or for the current user.
- We use -S and -H to display soft and hard limits respectively.
$ ulimit -S unlimited
$ ulimit -H unlimited
Since we haven't defined limits yet, the expected output is unlimited
We can combine the above two commands to display limits for specific system resources. For example to display the soft and hard limits for number of user processes write,
For the hard limit,
For the soft limit,
To display all soft limits,
For all hard limits,
- To limit the number of processes for a user we can write,
ulimit -u 10
With that the user cannot run more that 10 processes, we can test this by executing 10 pings separated by & character,
$ ping 192.168.100.1 & ping 192.168.100.2 ...
You will notice the message,
bash: fork: retry: Resource temporarily unavailable bash: fork: retry: Resource temporarily unavailable bash: fork: retry: Resource temporarily unavailable
- We can also define the soft and hard limits for the number of processes as follows,
$ ulimit -Su 7 $ ulimit -Hu 10
The soft limit is 7 processes and the hard limit is 10 processes, by default the user will be limited to 7 processes, if she decides to increase the number of processes, it is possible but not beyond 10 processes.
To increase the number of processes from the soft limit but not beyond the hard limit write,
$ ulimit -Su $(ulimit -Hu)
- We can also limit the number of files that are opened as follows,
ulimit -n 10
Here the user is not allowed to open more that 10 files.
To check the limit for the number of open files we write,
The commands discussed here change limits only temporarily to change them permanently we edit this file.
All resource limits for a user are stored in this file located at /etc/security/ directory.
To view this file, write,
From the output we can see four parameters namely, domain, type, item and value.
The domain parameter defines the domain where a limit belongs. A domain can be a user, group or wildcard.
A wildcard * domain is the default entry for the domain while % specifies the maxlogin limit.
A sysadmin will use the domain to define limits for a user or group.
The type parameter refers to the type of limit we want to set for a user or group. A limit can be soft or hard.
From a Linux system administrator perspective we can specify a limit within which a user can operate from, this is the soft limit, it could be changed by the user. We could also specify the hard limit which a user cannot exceed even after changing the soft limit, this is specified by root user.
For example we could set a soft limit for file sizes for a specified user to 10000 blocks and a hard limit of 30000 blocks. The user won't be able to create a file exceeding 10000 blocks but could adjust the settings to exceed it but not beyond 30000 blocks hard limit which is set by the root user.
The item parameter specifies the system resource we want to limit e.g RAM, file size, stack size etc
The value defines the value for the limit which corresponds to an item.
For example to change alice's soft and hard limits for the number of processes, we write,
$ sudo vim /etc/security/limits/.conf
We then add the following lines,
alice soft nproc 10 alice hard nproc 20
These changes will work after the user has exited the current shell and logged back in.
To confirm these changes, switch to alice's account and write,
$ ulimit -Su 10
for the soft limit, and for the hard limit, write,
$ ulimit -Hu 20
You can test if this works by executing 10 processes parallely or executing fork bomb code(not recommended), You can also go beyond the soft limit but not the hard limit to increase the number of processes.
Controlling the allocation of resources is very important especially in multiuser systems such as Linux.
The limits.conf file defines system resource allocation settings. We can change limits permanently by editing this file instead of writing commands.
- Execute man ulimit for the command's manual or ulimit --help.