Modifying the OS user limits in Linux is necessary to ensure that the system’s resources are being used efficiently and that the system remains stable. There are several reasons why and how you might modify the OS user limits in Linux:
- Resource allocation: To ensure that resources are allocated efficiently. By setting limits on the number of processes and open file descriptors that a user can have, you can ensure that one user does not consume all of the system’s resources and cause other users to experience performance issues.
- Security: By setting limits on the amount of memory and CPU usage that a user can consume, you can prevent a user from launching a denial of service attack or consuming all of the system’s resources.
- Stability: By preventing a single user from consuming all of the system’s resources and causing the system to crash.
To modify the OS user limits in Linux, you can use the ulimit command. The ulimit command can be used to set limits on the number of processes, open file descriptors, and memory usage for a user.
Some examples of how to use the ulimit command:
Setting the maximum number of processes for a user to 1000 :
$ ulimit -u 1000
Setting the maximum number of open file descriptors for a user to 4096:
$ ulimit -n 4096
Setting the maximum amount of memory usage for a user to 2 GB:
$ ulimit -m 2097152
It is important to note that these limits are applied to a session, meaning that they will be reset to the default value after the user log off, to make the limit persistent across sessions you can set it in the shell profile files like /etc/bash.bashrc or /etc/profile or user’s .bash_profile
In our case we had to make it permanent so we followed the below process of updating limits.conf:
Login as root.
Take Backup:
cd /etc/security cp limits.conf limits.conf_backup
Modify limits.conf
vi limits.conf
Example: oracle soft nofile 1024 # Added by DB/RAC OCI soft nofile limit is 1024 oracle hard nofile 65536 # Added by DB/RAC OCI hard nofile limit is 65536 oracle soft nproc 16384 # Added by DB/RAC OCI soft nproc limit is 16384 oracle hard nproc 16384 # Added by DB/RAC OCI hard nproc limit is 16384 oracle soft stack 32768 # Added by DB/RAC OCI soft stack limit is 10240 oracle hard stack 32768 # Added by DB/RAC OCI hard stack limit is 32768 oracle soft core unlimited # Added by DB/RAC OCI soft core limit is unlimited oracle hard core unlimited # Added by DB/RAC OCI hard core limit is unlimited oracle soft data unlimited # Added by DB/RAC OCI soft data limit is unlimited oracle hard data unlimited # Added by DB/RAC OCI hard data limit is unlimited oracle soft memlock 134217728 # Added by DB/RAC OCI soft memlock limit is 134217728 oracle hard memlock 134217728 # Added by DB/RAC OCI hard memlock limit is 134217728
ABOVE IS JUST SAMPLE CONTENT FROM ONE OF OUR DB SERVERS. YOU HAVE TO ADD UPDATES ONLY WHAT IS NEEDED.
FYI, In DB side in Oracle Cloud, we needed to change in this file too after taking backup. You will not need it.:
/etc/security/limits.d/oracle-database-preinstall-19c.conf
Refresh the kernel parameters to activate the new parameter value
$ sysctl -p
Login to that specific OS user and check:
Check Hard and Soft values
$ ulimit -a [oracle@<server> ~]$ ulimit -Hs 32768 [oracle@<server> ~]$ ulimit -Ss 32768
Modifying the OS user limits in Linux is necessary to ensure that the system’s resources are being used efficiently and that the system remains stable.
- Building a Scalable and Secure AI Infrastructure in the Cloud - May 12, 2024
- Harnessing the Power of AI in the Cloud for Business Transformation - March 2, 2024
- Building a Resilient Cybersecurity Framework in the Oracle Cloud - January 16, 2024