Introduction ulimit is a built-in Linux shell command that allows viewing or limiting system resource amounts that individual users consume. Limiting resource usage is valuable in environments with multiple users and system performance issues. In this tutorial, you will learn to use the ulimit command in Linux with examples. Prerequisites
The limits.conf file is a configuration file that defines the system resource allocation settings ulimit uses. The full path to the configuration file is /etc/security/limits.conf. Changing the values in the file persist after system reboot. Superuser permissions are required for editing the limits.conf file. The first section of the limits.conf file looks like this:
The following sections explain the ulimit syntax and the difference between two resource limitation types - a soft limit and hard limit.
Note: Use the top command to obtain information about the running processes and resource usage in a system. The ulimit command takes the following general syntax: ulimit [flags][limit]For example, to set the physical memory size in kilobytes, enter: ulimit -m 15000Use the ulimit flags to view or limit individual values for various system resources. When a [limit] is given, it is the new value of the specified resource. The available flags are:
Note: If your system doesn't support a feature, the corresponding flag does not work. [limit] ParameterAdding a [limit] passes the new value for the specified resources. When omitted, the command prints the current soft limit value for the specified resource, unless you specify the -H flag. The limit applies to both the soft and hard limit if neither the -H nor -S flags are specified. The ulimit command has two exit values:
The soft resource limits are kernel-enforced values for the corresponding resource. The soft limit is manageable by any user, and its maximum value cannot exceed the hard limit. The hard limit acts as a ceiling for the soft limit. To view the detailed soft limits for the current user, run: ulimit -Sa
The hard resource limit defines physical resource limit for a user. At the same time, the hard limit is the maximum value for soft limit. Only root users are allowed to change the hard limit. To view the detailed hard limits for the current user, run: ulimit -Ha
Note: To avoid performance issues and noisy neighbors, choose one of our Bare Metal Cloud instances. With dedicated compute power, you do not have to worry about resource contention. Run the ulimit command by entering the command name in the terminal: ulimit
The output shows the resource amount that the current user has access to. In this example, the user has unlimited system resources. To view or set individual resource limits, use the available ulimit flags. The following sections lists the most common uses of the ulimit command. Get a detailed report with all resource limits for the current user by specifying the -a flag: ulimit -a
The output contains a detailed report about the resource limits for the current user. Limit a user's maximum process number by specifying the -u flag and the number of processes. For example, we will limit the process number to 10: ulimit -u 10Restricting the maximum process number per user prevents them from using up all the system's resources. Limiting the process number also prevents the adverse effects of potential attacks such as fork bomb. For example:
In the example above, we first limited the process number to 10, and then executed a fork bomb. The fork bomb would otherwise use up all the resources and make the system unresponsive. The -f flag sets the maximum file size that a user can make. For example, the following command limits the file size to 50KB: ulimit -f 50Test if the limit works by creating a larger file. For example, we used the cat command to redirect the /dev/zero output to a file, which would be much larger than 50KB:
The output states that the file size limit has been exceeded. Check the file size by running: ls -lh file
The ls command output shows that the file size is exactly 50KB, which is the limit we have previously set. Use the -v flag to set the maximum virtual memory amount available to a process. Limiting a process' virtual memory stops it from using up all the memory and prevents thrashing. For example, the following command limits the virtual memory available for a process to 1000KB: ulimit -v 1000The -n flag limits the number of simultaneously opened files (file descriptors). The following example sets the number of open files to five: ulimit -n 5To test this, we will try to open multiple text files, which results in an error:
To change the soft or hard limit, edit the values in the limits.conf file. Follow the steps below: 1. Open a terminal window and change the directory to /etc/security: cd /etc/security2. Open the limits.conf file using a text editor, such as the vim editor. vim limits.conf3. Change the limit values by editing the existing entries or adding a new one. Each limitation entry has four parts:
For example:
Make sure to uncomment the line when editing the config file.
Conclusion You now know how to use the ulimit command to prevent users, buggy commands, or programs from utilizing an excessive system resource amount. Unlimited resource use in a shared environment impacts other users' experience, so the best way to prevent it is to set appropriate limits. |