关于RHEL6中ulimit的nproc限制
当前shell下更改用户可打开进程数
修改limits.conf配置文件生效
- [root@kumu ~]# ulimit -a //查看当前配置文件ulimit全局系数
- core file size (blocks, -c) 0
- data seg size (kbytes, -d) unlimited
- scheduling priority (-e) 0
- file size (blocks, -f) unlimited
- pending signals (-i) 1829
- max locked memory (kbytes, -l) 64
- max memory size (kbytes, -m) unlimited
- open files (-n) 1024
- pipe size (512 bytes, -p) 8
- POSIX message queues (bytes, -q) 819200
- real-time priority (-r) 0
- stack size (kbytes, -s) 10240
- cpu time (seconds, -t) unlimited
- max user processes (-u) 1024
- virtual memory (kbytes, -v) unlimited
- file locks (-x) unlimited
- [root@kumu ~]# vim /etc/security/limits.conf
- [root@kumu ~]# grep '^*' /etc/security/limits.conf
- * soft nproc 10240
- * hard nproc 10240
- * soft nofile 10240
- * hard nofile 10240
- [root@kumu ~]#
退出当前用户,重新登录即可让之前修改的limits生效
- [root@kumu ~]# ulimit -n
- 10240
- [root@kumu ~]# ulimit -u //发现nproc并没有像nofile一样而改变
- 1024
- [root@kumu ~]#
经google搜索获知,RHEL6下引入了配置文件/etc/security/limits.d/90-nproc.conf
(参见了@杨德华Devin 文章redhat5 和redhat6 root用户不同的ulimits)
- [root@kumu ~]# cat /etc/security/limits.d/90-nproc.conf
- # Default limit for number of user's processes to prevent
- # accidental fork bombs.
- # See rhbz #432903 for reasoning.
- * soft nproc 1024
- [root@kumu ~]#
我们修改这个文件尝试是否因为该文件影响,修改如下
- [root@kumu ~]# vim /etc/security/limits.d/90-nproc.conf
- [root@kumu ~]# cat /etc/security/limits.d/90-nproc.conf
- # Default limit for number of user's processes to prevent
- # accidental fork bombs.
- # See rhbz #432903 for reasoning.
- #* soft nproc 1024
- * soft nproc 65535
- [root@kumu ~]#
退出当前用户,重新登录即可让之前修改的limits生效,执行如下命令发现修改成功
- [root@kumu ~]# ulimit -u
- 10240
- [root@kumu ~]# ulimit -n
- 10240
- [root@kumu ~]#
由此可知,如果要修改配置文件limits.conf中的nproc限制上限是受文件/etc/security/limits.d/90-nproc.conf中nproc值大小制约的,但是shell终端下是不受制约的
另外笔者猜想,如果使用*号让全局用户生效是受文件/etc/security/limits.d/90-nproc.conf中nproc值大小制约的,而如果仅仅是针对某个用户,那么就不受该文件nproc值大小的影响
- [root@kumu ~]# vim /etc/security/limits.d/90-nproc.conf //恢复系统默认设置
- [root@kumu ~]# cat /etc/security/limits.d/90-nproc.conf
- # Default limit for number of user's processes to prevent
- # accidental fork bombs.
- # See rhbz #432903 for reasoning.
- * soft nproc 1024
- #* soft nproc 65535
- [root@kumu ~]# vim /etc/security/limits.conf //只针对某个用户测试(这里使用root)
- [root@kumu ~]# grep '^root' /etc/security/limits.conf
- root soft nproc 10240
- root hard nproc 10240
- [root@kumu ~]#
退出当前用户,重新登录即可让之前修改的limits生效,执行如下命令发现修改成功
- [root@kumu ~]# ulimit -u
- 10240
- [root@kumu ~]# ulimit -n
- 10240
- [root@kumu ~]#
笔者之前猜想正确,即只有当使用*号让全局用户生效的时候,生效的nproc的值大小是受文件/etc/security/limits.d/90-nproc.conf中nproc值大小制约的,而如果仅仅是针对某个用户,那么就不受该文件nproc值大小的影响。