modify and apply limits.conf without reboot

Posted on

Problem :

I have added a line in /etc/security/limits.conf to increase the number of open files.

*    hard nofile 4096
root hard nofile 16384

However when I run ulimit -n it says 1024 which is the default value. I did a logout and login but still see 1024. How can I apply the change?

Solution :

If you’re using bash, ulimit -n will only display the soft limit. To get the hard limit, you need to do ulimit -Hn.

On my system, I see this:

$ ulimit -n
1024
$ ulimit -Hn
4096

Changes made by ulimit command will be applied immediately without reboot (for new processes)

$ ulimit -n 4096       # set soft limit
$ ulimit -Hn 16384     # set hard limit

Also prlimit command (from util-linux package on Debian) can be used to check (or modify) limit value (for current shell):

$ prlimit   
RESOURCE   DESCRIPTION                             SOFT      HARD UNITS
AS         address space limit                unlimited unlimited bytes
CORE       max core file size                         0 unlimited bytes
...

Limits can be configured per-process, you can check it using:

cat /proc/<PID>/limits    # where <PID> is replaced by actual process ID
prlimit -p 4562           # or using prlimit

For modifying the limit is syntax is following:

prlimit -p <PID> --<resource>=<soft>:<hard>

set maximum number of opened files for process 4561:

prlimit --pid 4561 --nofile=128051:256102

In order to make such changes permanent, you have to modify /etc/security/limits.conf by adding your limits:

* soft nofile 4096
* hard nofile 16384

However, wildcard * won’t apply for root user. In order to do so, you have to state it explicitly:

* soft nofile 4096
* hard nofile 16384
root soft nofile 4096
root hard nofile 16384

These limits will be applied after creating a new session (of course after reboot). Switch to another user using su or login via ssh and check the updated limits:

su - myuser
ulimit -Sa
ulimit -Ha

NOTE: Usually some service is running out of resources, be sure to check limits also on process level (having largest possible value for root user is not a solution). If value configured in /etc/security/limits.conf is too large (not supported on your kernel), the default value will be used instead.

On systemd systems there are /etc/systemd/user.conf (/etc/systemd/user.conf.d/*.conf for user-specific values) config where limits per user can be overriden:

[Manager]
DefaultLimitAS=4G:16G
DefaultLimitNOFILE=1048576

Also there /etc/systemd/system.conf for system-wide configuration.

Some older distributions had issues with applying limits immediately, where modifying /etc/pam.d/common-session or /etc/pam.d/login would help. This is usually not necessary:

session required pam_limits.so

Make sure to check /var/log/auth.log first, when you’re having issues with applying limits.

Leave a Reply

Your email address will not be published. Required fields are marked *