limits.conf File To Limit Users, Process In Linux With Examples
Linux gives full control over the system. In this article, we are going to learn about the file limits.conf. limits.conf is a configuration that is used to limit the resources to the user, groups. Now let’s understand the file structure of limits.conf and how can we use the limits.conf to limit resources to the user. Before moving further, note that to edit this file, you must have root permission.
The complete path of the limits.config is :
pam_module is a module that uses ulimit command to apply limits from limits.conf file.
The basic syntax of the limits.conf file is :
Now let’s understand each field one by one
In this field, we need to name whom we are going to limit. The following can be values of this field
- group name
- * specifies all
In this field, we mention which type of limits we are going to apply to the mentioned domain. This field has two values, soft or hard
- Hard: The user can not cross the mentioned values.
- Soft: User can cross the mentioned value till previse Hard value.
This field mentions which resource we are going to limit for the mentioned domain. Here are some values for this field
- core: limits the core file size in KB
- data: maximum data size in KB
- fsize: maximum file size in KB
- stack: maximum stack size in KB
- cpu: maximum CPU time is minuted
To see all values of this field, please read the man of limits.conf
This field stores the values for the mentioned limit.
Limit for user
Now let’s see how we can limit the user by using the limits.conf file. We are going to understand this by taking an example. So to limit users, we need to mention username as a domain field. In this example, GFG is the user. After that we have to mention the type of limit, in this example, we set hard type. Now to set items first we are needed to choose any item from the available item so in this example, we have chosen to use CPU item. Now we have to mention value the value of item CPU is must be in minutes, so for this example let’s mention the value as 10 minutes. Here is our limit :
gfg hard cpu 10
Limit for Group
To limit the group we can use the same format and value used for value and item but instead of username mention the group name. Here is one example with employee group
employee hard nproc 30
Using wildcards to apply limits
We had seen the one domain as the * (asterisk). To apply the limit to the whole system, we can use this wildcard domain. Here is an example with a wildcard to apply limited number of logins on the system.
* - maxsyslogins 20
After applying this limit, the maximum number of logins to the system is 20.
Specify User ID Range For Limit
When we want to specify one limit to the multiple users, but the users do not belong to the same group, we can specify the range of the user for which the limit has to apply. When we mention the user ID range, then the mentioned limit is applied to user IDs that belong to that range. To specify the range, use : operation. Here is an example:
1000:1020 hard nproc 50
This limit will be applied to the user IDs in the range of 1000 to 1020.
Specify Group ID Range For Limit
Same as for user IDs, when we have to apply the same limit to multiple group IDs we can specify the range of group IDs. Use the : operator to mention the range.
@500:505 soft cpu 10000
This limit will be applied to Group IDs in the range between 500 and 505.
Limit Number of Process
Now let’s explore more items than mentioned above list. There is one item called nproc by using this option we can limit the number for the user or group ID. So limit the number of processes for user gfg use the following limit.
gfg hard nproc 50
After applying this limit, the user gfg will maximum own 50 processes.
Limit CPU Time
There is another item called cpu which is used to limit the CPU time for the mentioned user or group. So to limit the CPU time 1000 cycle to user gfg uses the following limit:
gfg soft cpu 0000
Limit Number Of Open File
nofile is an item by using which we can limit the maximum number of files that can be opened by the user. So to limit the maximum 227 number of files that can be opened by user gfg use the following limit
gfg hard nofile 227
Limit Number Of Logins
By default, systems allow us to unlimited logins on the system, but it can create a security issue. So to avoid the security issue, we can limit the number of logins of the user or group of users. We can use maxlogins item to limit the number of logins of users of groups to the system. So to limit 10 logins by the user group gfg, we can use the following limit:
@gfg - maxlogins 10
Limit Number Of System Logins
In the previous example, we see how we can limit the number of logins of the user group to the system. Now to limit the maximum number of logins to the whole system we can use maxsyslogins item. So to limit 50 maximum number of logins to the system use the following limit:
* - maxsyslogins 50
This limit is applied to the whole system and not for any specific user and group of users.
Limit Maximum File Size
We can limit the file size of the file by using the fsize item. This limit can be useful to restrict temp or similar usage type files. So to limit gfg having a single file size of 4 GB we can use the following limit:
@gfg - fsize 4000000
The file size is presented in the KB. Use the different domains and items to apply different limits on the user, system, and groups.
Now to know the limits on the process we can use the cat command with process PID to know process PID use ps command.
Here is example
The output is the same as the limits.conf file fields. To know more about the limits.conf file setting use man command
Please Login to comment...