Ubuntu /etc/security/limits.conf 不生效问题
一、问题描述
修改 /etc/security/limits.conf ,重启之后不生效
内容如下:
* soft nofile 2048576 * hard nofile 2048576 root soft nofile 2048576 root hard nofile 2048576 * soft nproc 80480 * hard nproc 80960 root soft nproc 80480 root hard nproc 80960
二、解决问题
根据网上资料的说法有几种
1. 修改 /etc/ssh/sshd_config
开启这2项
UsePAM yes
UseLogin yes
2. 以下几个文件
/etc/pam.d/login /etc/pam.d/su /etc/pam.d/sshd
确保开启了pam_limits.so
session required pam_limits.so
3. 重启系统
注意:修改了/etc/security/limits.conf ,必须要重启,才能生效。
以上几个,都测试了一下,open files没有生效!max user processes倒是生效了
root@ubuntu:~# ulimit -a
core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 7832 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 80480 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited
最后终于找到原因了,是因为 内核参数没有配置
# 编辑配置文件 vi /etc/sysctl.conf fs.nr_open = 10000000 # 重新加载 sysctl -p
再次重启,效果如下:
root@ubuntu:~# ulimit -a
core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 31392 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 2048576 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 80480 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited
本文参考链接:
https://blog.51cto.com/jonyisme/1919075