{"id":4598,"date":"2022-12-20T18:09:14","date_gmt":"2022-12-20T21:09:14","guid":{"rendered":"http:\/\/lode.uno\/linux-man\/index.php\/2022\/12\/20\/limits-conf-man5\/"},"modified":"2022-12-20T18:09:14","modified_gmt":"2022-12-20T21:09:14","slug":"limits-conf-man5","status":"publish","type":"post","link":"https:\/\/lode.uno\/linux-man\/2022\/12\/20\/limits-conf-man5\/","title":{"rendered":"LIMITS.CONF (man5)"},"content":{"rendered":"

LIMITS.CONF<\/h1>\n

NAME<\/a>
DESCRIPTION<\/a>
EXAMPLES<\/a>
SEE ALSO<\/a>
AUTHOR<\/a> <\/p>\n

\n

NAME <\/a> <\/h2>\n

limits.conf \u2212 configuration file for the pam_limits module<\/p>\n

DESCRIPTION <\/a> <\/h2>\n

The pam_limits.so<\/i> module applies ulimit limits, nice priority and number of simultaneous login sessions limit to user login sessions. This description of the configuration file syntax applies to the \/etc\/security\/limits.conf file and *.conf files in the \/etc\/security\/limits.d directory.<\/p>\n

The syntax of the lines is as follows:<\/p>\n

<\/i><\/p>\n

The fields listed above should be filled as follows:<\/p>\n

<\/b><\/p>\n

\u2022 a username<\/p>\n

\u2022 a groupname, with @group<\/b> syntax. This should not be confused with netgroups.<\/p>\n

\u2022 the wildcard *<\/b>, for default entry.<\/p>\n

\u2022 the wildcard %<\/b>, for maxlogins limit only, can also be used with %group<\/b> syntax. If the %<\/b> wildcard is used alone it is identical to using *<\/b> with maxsyslogins limit. With a group specified after %<\/b> it limits the total number of logins of all users that are member of the group.<\/p>\n

\u2022 an uid range specified as <\/i>:<\/b><\/i>. If min_uid is omitted, the match is exact for the max_uid. If max_uid is omitted, all uids greater than or equal min_uid match.<\/p>\n

\u2022 a gid range specified as @<\/b><\/i>:<\/b><\/i>. If min_gid is omitted, the match is exact for the max_gid. If max_gid is omitted, all gids greater than or equal min_gid match. For the exact match all groups including the user’s supplementary groups are examined. For the range matches only the user’s primary group is examined.<\/p>\n

\u2022 a gid specified as %:<\/b><\/i> applicable to maxlogins limit only. It limits the total number of logins of all users that are member of the group with the specified gid.<\/p>\n

<\/b><\/p>\n

hard<\/b><\/p>\n

for enforcing hard<\/b> resource limits. These limits are set by the superuser and enforced by the Kernel. The user cannot raise his requirement of system resources above such values.<\/p>\n

soft<\/b><\/p>\n

for enforcing soft<\/b> resource limits. These limits are ones that the user can move up or down within the permitted range by any pre\u2212existing hard<\/b> limits. The values specified with this token can be thought of as default<\/i> values, for normal system usage.<\/p>\n

\u2212<\/b><\/p>\n

for enforcing both soft<\/b> and hard<\/b> resource limits together.<\/p>\n

Note, if you specify a type of ‘\u2212’ but neglect to supply the item and value fields then the module will never enforce any limits on the specified user\/group etc. .<\/p>\n

<\/b><\/p>\n

core<\/b><\/p>\n

limits the core file size (KB)<\/p>\n

data<\/b><\/p>\n

maximum data size (KB)<\/p>\n

fsize<\/b><\/p>\n

maximum filesize (KB)<\/p>\n

memlock<\/b><\/p>\n

maximum locked\u2212in\u2212memory address space (KB)<\/p>\n

nofile<\/b><\/p>\n

maximum number of open file descriptors<\/p>\n

rss<\/b><\/p>\n

maximum resident set size (KB) (Ignored in Linux 2.4.30 and higher)<\/p>\n

stack<\/b><\/p>\n

maximum stack size (KB)<\/p>\n

cpu<\/b><\/p>\n

maximum CPU time (minutes)<\/p>\n

nproc<\/b><\/p>\n

maximum number of processes<\/p>\n

as<\/b><\/p>\n

address space limit (KB)<\/p>\n

maxlogins<\/b><\/p>\n

maximum number of logins for this user (this limit does not apply to user with uid=0<\/i>)<\/p>\n

maxsyslogins<\/b><\/p>\n

maximum number of all logins on system; user is not allowed to log\u2212in if total number of all user logins is greater than specified number (this limit does not apply to user with uid=0<\/i>)<\/p>\n

priority<\/b><\/p>\n

the priority to run user process with (negative values boost process priority)<\/p>\n

locks<\/b><\/p>\n

maximum locked files (Linux 2.4 and higher)<\/p>\n

sigpending<\/b><\/p>\n

maximum number of pending signals (Linux 2.6 and higher)<\/p>\n

msgqueue<\/b><\/p>\n

maximum memory used by POSIX message queues (bytes) (Linux 2.6 and higher)<\/p>\n

nice<\/b><\/p>\n

maximum nice priority allowed to raise to (Linux 2.6.12 and higher) values: [\u221220,19]<\/p>\n

rtprio<\/b><\/p>\n

maximum realtime priority allowed for non\u2212privileged processes (Linux 2.6.12 and higher)<\/p>\n

All items support the values \u22121<\/i>, unlimited<\/i> or infinity<\/i> indicating no limit, except for priority<\/b> and nice<\/b>.<\/p>\n

If a hard limit or soft limit of a resource is set to a valid value, but outside of the supported range of the local system, the system may reject the new limit or unexpected behavior may occur. If the control value required<\/i> is used, the module will reject the login if a limit could not be set.<\/p>\n

In general, individual limits have priority over group limits, so if you impose no limits for admin<\/i> group, but one of the members in this group have a limits line, the user will have its limits set according to this line.<\/p>\n

Also, please note that all limit settings are set per login<\/i>. They are not global, nor are they permanent; existing only for the duration of the session. One exception is the maxlogin<\/i> option, this one is system wide. But there is a race, concurrent logins at the same time will not always be detect as such but only counted as one.<\/p>\n

In the limits<\/i> configuration file, the ‘#<\/b>‘ character introduces a comment \u2212 after which the rest of the line is ignored.<\/p>\n

The pam_limits module does report configuration problems found in its configuration file and errors via syslog<\/b>(3).<\/p>\n

EXAMPLES <\/a> <\/h2>\n

These are some example lines which might be specified in \/etc\/security\/limits.conf.<\/p>\n

* soft core 0
bodies manpages.csv script_extrae_body.sh script.sh usr hard nofile 512
@student hard nproc 20
@faculty soft nproc 20
@faculty hard nproc 50
ftp hard nproc 0
@student \u2212 maxlogins 4
:123 hard cpu 5000
@500: soft cpu 10000
600:700 hard locks 10<\/p>\n

SEE ALSO <\/a> <\/h2>\n

pam_limits<\/b>(8), pam.d<\/b>(5), pam<\/b>(8), getrlimit<\/b>(2), getrlimit<\/b>(3p)<\/p>\n

AUTHOR <\/a> <\/h2>\n

pam_limits was initially written by Cristian Gafton <\/p>\n

\n","protected":false},"excerpt":{"rendered":"

limits.conf \u2212 configuration file for the pam_limits module <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[959],"tags":[961,1545,1291],"class_list":["post-4598","post","type-post","status-publish","format-standard","hentry","category-5-formatos-de-ficheros","tag-961","tag-limits","tag-man5"],"gutentor_comment":0,"_links":{"self":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/4598","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/comments?post=4598"}],"version-history":[{"count":0,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/4598\/revisions"}],"wp:attachment":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/media?parent=4598"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/categories?post=4598"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/tags?post=4598"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}