4

I need to have the ulimit value set at the boot time to all my services. I have values set in /etc/sysconfig/limits.conf but these values are not applicable during the boot time and it takes 1024 as default.

I have set the values in limits.conf, also checked whether /etc/pam.d/* contains "required pam_limits.so" entries and even /etc/security/limits.d/90-nproc.conf doesn't have default entries.

Now I found another way to include the value during the boot time, I came across /etc/sysconfig/init file. When I set the value in this file, all the services got the expected value during the boot time.

Now, I am unsure about the impact on the server and what things should be ignore configuring in this /etc/sysconfig/init file. Also is there any alternative other then this file or methods mentioned above.

Sandeep Sukhija
  • 143
  • 1
  • 4

3 Answers3

1

The ulimits aren't specific to services or system-wide, they are specific to individual accounts. The soft limit in /etc/security/limits.conf should be what appears as the default when you start the service; this doesn't seem to be happening in your case, so I would start looking at the dot-files for the user(s) running the service(s) in question or at the actual init script for the service(s) in question. I have a feeling your ulimit is set in one of those two places, and thus overriding the /etc/security/limits.conf values.

John
  • 8,920
  • 1
  • 28
  • 34
  • You are right, the values are getting applicable on running the services script when the server is up, but the ulimit value is not coming in picture during boot time which is my concern. – Sandeep Sukhija Apr 23 '14 at 17:39
  • 1
    Nothing sets a system-wide ulimit at boot time. There's no such thing as a ulimit until an actuve session enters the picture. It's a "user limit", not anything system-wide. It will never appear at "boot time". – John Apr 23 '14 at 17:44
  • Thanks John for the clarification but am still holding a doubt. During boot, when services are started, the respective user would be coming into picture, how to assign the value to users other then in individual services script. Also on the other hand setting the ulimit in init file indeed set the value for all users during boot, was that a fluke? – Sandeep Sukhija Apr 23 '14 at 18:01
  • 2
    Forget "boot". That's the wrong term. You're not booting, you're already booted, you're simply starting services. There are two places you can set ulimits - `/etc/security/limits.conf` and the service startup script (or scripts sourced thereby). The only place to do so and ensure the settings you write are common to multiple users is `/etc/security/limits.conf`. You should not use `/etc/sysconfig/init` for this purpose, it is not what that file was intended to be used for. – John Apr 23 '14 at 18:06
  • Ok, I will see to it, I do not use init for this purpose. Also I have already set ulimit for all users in limits.conf file but still no luck and this only happens when services are auto restarted after boot. I have last option to set in services script individually. Can you point a direction from where are the users getting default values from. – Sandeep Sukhija Apr 23 '14 at 18:23
  • I found the following link [link](http://serverfault.com/a/408375/217411) which says that you can include the settings like ulimit and umask which are executed by init in initscript [link](http://linux.die.net/man/5/initscript) – Sandeep Sukhija Apr 24 '14 at 06:09
0

I've used that method you're talking about to set ulimit and umask for files created by the Apache user. Meaning, I've edited /etc/init.d/httpd and included a umask and ulimit -s configuration there, that solved my issue so I guess it's a good solution. It didn't have any impact except for the expected one.

Itai Ganot
  • 10,424
  • 27
  • 88
  • 143
0

The file /etc/security/limits.conf is used by PAM, but PAM is utilized when a user is logging in. However when services are started, it's not going through PAM, so that's why limits.conf doesn't help. Services are launched by the init system and the settings for them is dependent on the system used. If you are using upstart, it can be set in /etc/sysconfig/init system-wide or in /etc/sysconfig/<servicename> per-service. In systemd world, ulimits can be set in the service files by usint Limit<type>=, I'm not sure how to do that system-wide. With OpenRC you can set rc_ulimit= per service or system-wide in /etc/rc.conf.

nert
  • 143
  • 4