Ubuntu /etc/security/limits.conf 不生效问题

一、问题描述

修改 /etc/security/limits.conf ,重启之后不生效

内容如下:

* soft nofile 2048576
* hard nofile 2048576
root soft nofile 2048576
root hard nofile 2048576
* soft nproc 80480
* hard nproc 80960
root soft nproc 80480
root hard nproc 80960

 

二、解决问题

根据网上资料的说法有几种

1. 修改 /etc/ssh/sshd_config

开启这2项

UsePAM yes
UseLogin yes

 

2. 以下几个文件

/etc/pam.d/login
/etc/pam.d/su
/etc/pam.d/sshd

确保开启了pam_limits.so

session    required   pam_limits.so

 

3. 重启系统

注意:修改了/etc/security/limits.conf ,必须要重启,才能生效。

 

以上几个,都测试了一下,open files没有生效!max user processes倒是生效了

root@ubuntu:~# ulimit -a
core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 7832 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 80480 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited

 

最后终于找到原因了,是因为 内核参数没有配置

# 编辑配置文件
vi /etc/sysctl.conf
 
fs.nr_open = 10000000
 
# 重新加载
sysctl -p

 

再次重启,效果如下:

root@ubuntu:~# ulimit -a
core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 31392 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 2048576 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 80480 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited

 

本文参考链接:

https://blog.51cto.com/jonyisme/1919075

 

posted @ 2019-06-12 12:02  肖祥  阅读(3837)  评论(0编辑  收藏  举报