Skip to content

Modify OS level user limits

Modifying the OS user limits in Linux is necessary to ensure that the system’s resources are being used efficiently and that the system remains stable. There are several reasons why and how you might modify the OS user limits in Linux:

  1. Resource allocation: To ensure that resources are allocated efficiently. By setting limits on the number of processes and open file descriptors that a user can have, you can ensure that one user does not consume all of the system’s resources and cause other users to experience performance issues.
  2. Security: By setting limits on the amount of memory and CPU usage that a user can consume, you can prevent a user from launching a denial of service attack or consuming all of the system’s resources.
  3. Stability: By preventing a single user from consuming all of the system’s resources and causing the system to crash.

To modify the OS user limits in Linux, you can use the ulimit command. The ulimit command can be used to set limits on the number of processes, open file descriptors, and memory usage for a user.

Some examples of how to use the ulimit command:

Setting the maximum number of processes for a user to 1000 :

$ ulimit -u 1000

Setting the maximum number of open file descriptors for a user to 4096:

$ ulimit -n 4096

Setting the maximum amount of memory usage for a user to 2 GB:

$ ulimit -m 2097152

It is important to note that these limits are applied to a session, meaning that they will be reset to the default value after the user log off, to make the limit persistent across sessions you can set it in the shell profile files like /etc/bash.bashrc or /etc/profile or user’s .bash_profile

In our case we had to make it permanent so we followed the below process of updating limits.conf:

Login as root.

Take Backup:

cd /etc/security
cp limits.conf limits.conf_backup

Modify limits.conf

vi limits.conf
Example:
oracle soft nofile 1024 # Added by DB/RAC OCI soft nofile limit is 1024
oracle hard nofile 65536 # Added by DB/RAC OCI hard nofile limit is 65536
oracle soft nproc 16384 # Added by DB/RAC OCI soft nproc limit is 16384
oracle hard nproc 16384 # Added by DB/RAC OCI hard nproc limit is 16384
oracle soft stack 32768 # Added by DB/RAC OCI soft stack limit is 10240
oracle hard stack 32768 # Added by DB/RAC OCI hard stack limit is 32768
oracle soft core unlimited # Added by DB/RAC OCI soft core limit is unlimited
oracle hard core unlimited # Added by DB/RAC OCI hard core limit is unlimited
oracle soft data unlimited # Added by DB/RAC OCI soft data limit is unlimited
oracle hard data unlimited # Added by DB/RAC OCI hard data limit is unlimited
oracle soft memlock 134217728 # Added by DB/RAC OCI soft memlock limit is 134217728
oracle hard memlock 134217728 # Added by DB/RAC OCI hard memlock limit is 134217728

ABOVE IS JUST SAMPLE CONTENT FROM ONE OF OUR DB SERVERS. YOU HAVE TO ADD UPDATES ONLY WHAT IS NEEDED.

FYI, In DB side in Oracle Cloud, we needed to change in this file too after taking backup. You will not need it.:

/etc/security/limits.d/oracle-database-preinstall-19c.conf

Refresh the kernel parameters to activate the new parameter value

$ sysctl -p

Login to that specific OS user and check:

Check Hard and Soft values

$ ulimit -a

[oracle@<server> ~]$ ulimit -Hs
32768
[oracle@<server> ~]$ ulimit -Ss
32768

Modifying the OS user limits in Linux is necessary to ensure that the system’s resources are being used efficiently and that the system remains stable.

 

Brijesh Gogia
Leave a Reply