Open In App

limits.conf File To Limit Users, Process In Linux With Examples

Improve
Improve
Like Article
Like
Save
Share
Report

Linux gives full control over the system. In this article, we are going to learn about the file limits.conf. limits.conf is a configuration that is used to limit the resources to the user, groups. Now let’s understand the file structure of limits.conf and how can we use the limits.conf to limit resources to the user. Before moving further, note that to edit this file, you must have root permission.

The complete path of the limits.config is :

/etc/security/limits.conf

 pam_module is a module that uses ulimit command to apply limits from limits.conf file.

The basic syntax of the limits.conf file is :

  <domain><type><item><value>

Now let’s understand each field one by one

domain

In this field, we need to name whom we are going to limit. The following can be values of this field

  • username
  • group name
  • * specifies all
  • userid
  • groupid

type

In this field, we mention which type of limits we are going to apply to the mentioned domain. This field has two values, soft or hard

  • Hard: The user can not cross the mentioned values.
  • Soft: User can cross the mentioned value till previse Hard value.

item

This field mentions which resource we are going to limit for the mentioned domain. Here are some values for this field

  • core: limits the core file size in KB
  • data: maximum data size in KB
  • fsize: maximum file size in KB
  • stack: maximum stack size in KB
  • cpu: maximum CPU time is minuted

To see all values of this field, please read the man of limits.conf

value

This field stores the values for the mentioned limit.

Limit for user

Now let’s see how we can limit the user by using the limits.conf file. We are going to understand this by taking an example. So to limit users, we need to mention username as a domain field. In this example, GFG is the user. After that we have to mention the type of limit, in this example, we set hard type. Now to set items first we are needed to choose any item from the available item so in this example, we have chosen to use CPU item. Now we have to mention value the value of item CPU is must be in minutes, so for this example let’s mention the value as 10 minutes. Here is our limit :

gfg        hard    cpu        10

Limit for Group

To limit the group we can use the same format and value used for value and item but instead of username mention the group name. Here is one example with employee group

employee        hard    nproc    30

Using wildcards to apply limits

We had seen the one domain as the * (asterisk). To apply the limit to the whole system, we can use this wildcard domain. Here is an example with a wildcard to apply limited number of logins on the system.

 *    -    maxsyslogins    20

After applying this limit, the maximum number of logins to the system is 20.

Specify User ID Range For Limit

When we want to specify one limit to the multiple users, but the users do not belong to the same group, we can specify the range of the user for which the limit has to apply. When we mention the user ID range, then the mentioned limit is applied to user IDs that belong to that range. To specify the range, use : operation. Here is an example:

1000:1020    hard    nproc     50

This limit will be applied to the user IDs in the range of 1000 to 1020.

Specify Group ID Range For Limit

Same as for user IDs, when we have to apply the same limit to multiple group IDs we can specify the range of group IDs. Use the : operator to mention the range.

@500:505    soft    cpu        10000

This limit will be applied to Group IDs in the range between 500 and 505.

Limit Number of Process

Now let’s explore more items than mentioned above list. There is one item called nproc by using this option we can limit the number for the user or group ID. So limit the number of processes for user gfg use the following limit.

gfg   hard    nproc        50

After applying this limit, the user gfg will maximum own 50 processes.

Limit CPU Time

There is another item called cpu which is used to limit the CPU time for the mentioned user or group. So to limit the CPU time 1000 cycle to user gfg uses the following limit:

gfg      soft    cpu     0000

Limit Number Of Open File

nofile is an item by using which we can limit the maximum number of files that can be opened by the user. So to limit the maximum 227 number of files that can be opened by user gfg use the following limit

gfg      hard     nofile     227

Limit Number Of Logins

By default, systems allow us to unlimited logins on the system, but it can create a security issue. So to avoid the security issue, we can limit the number of logins of the user or group of users. We can use maxlogins item to limit the number of logins of users of groups to the system. So to limit 10 logins by the user group gfg, we can use the following limit:

@gfg        -       maxlogins       10

Limit Number Of System Logins

In the previous example, we see how we can limit the number of logins of the user group to the system. Now to limit the maximum number of logins to the whole system we can use maxsyslogins item. So to limit 50 maximum number of logins to the system use the following  limit:

*        -       maxsyslogins       50

This limit is applied to the whole system and not for any specific user and group of users.

Limit Maximum File Size

We can limit the file size of the file by using the fsize item. This limit can be useful to restrict temp or similar usage type files. So to limit gfg having a single file size of 4 GB we can use the following limit:

@gfg     -       fsize       4000000

The file size is presented in the KB. Use the different domains and items to apply different limits on the user, system, and groups.

Now to know the limits on the process we can use the cat command with process PID to know process PID use ps command

 cat /proc/PID/limits 

Here is example

The output is the same as the limits.conf file fields. To know more about the limits.conf file setting use man command 

man limits.conf


Last Updated : 10 Feb, 2023
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads