/etc/security/limits.conf, verify them, and understand each directive.
Prerequisites
- A Linux distribution with PAM-enabled login (most modern distros).
sudoprivileges to edit/etc/security/limits.conf.
1. Back Up and Open limits.conf
Always back up system configuration files before editing.
2. Understanding limits.conf Fields
limits.conf uses four fields per line:| Field | Description |
|---|---|
| domain | User (trinity), group (@developers), or * for all users. |
| type | soft (initial limit), hard (maximum ceiling), or - (both soft & hard). |
| item | Resource type (e.g., nproc, fsize, cpu). |
| value | Numeric limit (units vary per item). |
2.1 Domain
username(e.g.,trinity)- Group with
@prefix (e.g.,@developers) *for every user not otherwise matched
trinity to 10 processes:
2.2 Type
hard— absolute maximum (cannot be exceeded).soft— initial/session limit (can increase up to hard).-— sets bothsoftandhard.
2.3 Item
Resource items you can limit:| Item | Description | Example |
|---|---|---|
| nproc | Max processes per user session | 10 |
| fsize | Max file size (KB) | 1024 |
| cpu | CPU time (minutes) | 1 |
| core | Core dump file size (KB) | 0 |
| rss | Resident set size (KB) | 10000 |
| maxlogins | Max concurrent logins per user | 4 |
| … | See man limits.conf | – |
trinity:
3. Exercise: Enforce a 3-Process Limit for “trinity”
-
Add the following (uncommented) line to
/etc/security/limits.conf: - Save and exit.
3.1 Verify the Limit
3.2 Check with ulimit
Changes take effect on new sessions. Log out and back in to apply updates.
Use
Use
ulimit -a to inspect all current limits.