[httpd][daily] 查看并修改httpd的最大fd打开个数limit
重要提示: 请直接阅读步骤(6),如果不生效,再回头阅读(1)-(5)。
如题:
修改这个文件就行了:/etc/security/limits.conf
查看当前配置的方法:
1. 找到httpd的pid(中间那三个apache的)
[root@server-tong-1 ~]# ps -ef |grep httpd root 1234 1 0 03:21 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND apache 1235 1234 0 03:21 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND apache 1236 1234 0 03:21 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND apache 1237 1234 0 03:21 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND apache 1239 1234 0 03:21 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND root 1537 1210 0 03:28 pts/0 00:00:00 grep --color=auto httpd
2. 查看这几个进程当前使用的值
[root@server-tong-1 ~]# cat /proc/1236/limits Limit Soft Limit Hard Limit Units Max cpu time unlimited unlimited seconds Max file size unlimited unlimited bytes Max data size unlimited unlimited bytes Max stack size 8388608 unlimited bytes Max core file size 0 unlimited bytes Max resident set unlimited unlimited bytes Max processes 15072 15072 processes Max open files 1024 4096 files Max locked memory 65536 65536 bytes Max address space unlimited unlimited bytes Max file locks unlimited unlimited locks Max pending signals 15072 15072 signals Max msgqueue size 819200 819200 bytes Max nice priority 0 0 Max realtime priority 0 0 Max realtime timeout unlimited unlimited us
3. 查看系统允许修改的最大值,以及用户名
[root@server-tong-1 ~]# cat /etc/shadow |grep apa apache:!!:17833:::::: [root@server-tong-1 ~]# cat /proc/sys/fs/nr_open 1048576
查到,limit可以使用的最大值是1048576,用户名是apache
另外,需要提到的一点,我曾经尝试直接将这个值设置成unlimited, 结果导致了root无法登录。【大哭~~】,后来想办法进去之后,查看到报错如下:【tag:修改limit.conf之后 ssh失败 root无法登录 OS无法登录】
546 Dec 10 02:44:03 server-tong-1 login: pam_limits(login:session): Could not set limit for 'nofile': Operation not permitted 547 Dec 10 02:44:03 server-tong-1 login: pam_unix(login:session): session opened for user root by LOGIN(uid=0) 548 Dec 10 02:44:03 server-tong-1 login: Permission denied 549 Dec 10 02:44:15 server-tong-1 login: pam_limits(login:session): Could not set limit for 'nofile': Operation not permitted 550 Dec 10 02:44:15 server-tong-1 login: pam_unix(login:session): session opened for user root by LOGIN(uid=0) 551 Dec 10 02:44:15 server-tong-1 login: Permission denied 552 Dec 10 02:44:42 server-tong-1 login: pam_limits(login:session): Could not set limit for 'nofile': Operation not permitted 553 Dec 10 02:44:42 server-tong-1 login: pam_unix(login:session): session opened for user root by LOGIN(uid=0) 554 Dec 10 02:44:42 server-tong-1 login: Permission denied 555 Dec 10 02:44:55 server-tong-1 login: pam_unix(login:auth): check pass; user unknown 556 Dec 10 02:44:55 server-tong-1 login: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost= 557 Dec 10 02:44:57 server-tong-1 login: FAILED LOGIN 1 FROM tty1 FOR (unknown), User not known to the underlying authentication module 558 Dec 10 02:45:03 server-tong-1 login: pam_limits(login:session): Could not set limit for 'nofile': Operation not permitted 559 Dec 10 02:45:03 server-tong-1 login: pam_unix(login:session): session opened for user root by LOGIN(uid=0) 560 Dec 10 02:45:03 server-tong-1 login: Permission denied 561 Dec 10 02:50:01 server-tong-1 crond[14616]: pam_limits(crond:session): Could not set limit for 'nofile': Operation not permitted 562 Dec 10 03:00:01 server-tong-1 crond[14649]: pam_limits(crond:session): Could not set limit for 'nofile': Operation not permitted 563 Dec 10 03:00:20 server-tong-1 sshd[784]: Received signal 15; terminating.
4. 准备就绪后,我们现在来修改limit.conf文件吧!追加两行配置如下,并重启OS
[root@server-tong-1 ~]# tail -n3 /etc/security/limits.conf apache hard nofile 1048576 apache soft nofile 1048576 # End of file [root@server-tong-1 ~]#
5. 用2中的方法查看修改是否成功。
结果,令人尴尬的是,这个修改并不好使。。。。。
为什么呢? 因为我使用systemctl来管理httpd服务的启动的。所以当使用systemctl来start的时候,并不生效。但是手动执行/usr/bin/httpd是生效的。
这个时候我们需要步骤六,来搞定这一切
6. 修改 httpd.service文件
在 [Service] 章节增加如下一行:
LimitNOFILE=1048576
重启服务。
详见:https://fredrikaverpil.github.io/2016/04/27/systemd-and-resource-limits/
更值得注意的一件事情是什么呢?
这里边,1到5的步骤都是可以省略的,直接改第六步就可以生效了。
完!
