Managing Linux System Resources With The Ulimit Command

If you are working in a shared Linux environment it is crucial to manage system resources. If you don’t and something happens to one user account it could end up using more resources than expected causing degraded performance for everyone else using the server. One way to limit system resources is to use the ulimit command.

In this blog post, we will explore the ulimit command from what type of resources it can limit, syntax, examples, and more.

What Is Ulimit?

The ulimit command in Linux allows users and system administrators to set resource limits to shell and processes started from shell processes. Ulimit includes two types of limits, soft and hard limits below we will discuss the differences.

Soft Limits

Soft limits can be set as a default or be set by the user. These limits can be changed within the bounds of the hard limit.

Generally, when a process reaches the ser soft limit a warning may be displayed and it will also be logged in the system logs on systems systems this would be the systems journal.

Note: In certain configurations, it may be possible that applications may be terminated after the soft limit. Make sure to test this before relying on expected behavior.

Hard Limits

Hard Limits are the absolute cap for resource usage, set by the system administrator, and cannot be changed by anyone else.

When a process reaches the limit the application/shell will be terminated and logged to system logs.

How To Check Ulimit

To check what is set in ulimit use the following command:

ulimit -a

The Results will look something like the image below:

Ulimit User Syntax

Ulimit can limit quite a few different resources from the max file size, CPU time, and Memory to name a few.

Below is the list of flags as shown by ulimit –help command.

-S use the `soft’ resource limit

-H use the `hard’ resource limit

-b the socket buffer size

-c the maximum size of core files created

-d the maximum size of a process’s data segment

-e the maximum scheduling priority (`nice’)

Advertisement

-f the maximum size of files written by the shell and its children

-i the maximum number of pending signals

-k the maximum number of kqueues allocated for this process

-l the maximum size a process may lock into memory

-m the maximum resident set size

Advertisement

-n the maximum number of open file descriptors

-p the pipe buffer size

-q the maximum number of bytes in POSIX message queues

-r the maximum real-time scheduling priority

-s the maximum stack size

Advertisement

-t the maximum amount of cpu time in seconds

-u the maximum number of user processes

-v the size of virtual memory

-x the maximum number of file locks

-P the maximum number of pseudoterminals

Advertisement

-R the maximum time a real-time process can run before blocking

-T the maximum number of threads

Practical User Ulimit Examples

As a user, you want to set the open file limit to 1000 (for the current shell session).

ulimit -n 1000

You want to limit the memory usage per process to 500 MB (for the current shell session).

ulimit -v 500000

You want to set a CPU time limit per process to 5 minutes (for the current shell session).

ulimit -t 300

Note: Using this same syntax you can even set resource limits on your shell scripts.

How To Set Resource Limit As An Administrator

Administrators can set resource limits via /etc/security/limits.conf or in some cases files in /etc/security/limits.d/.

To confirm if you can use .d files check the contents of /etc/security/limits.conf as it should have a comment letting you know.

For the sake of this example we will make any changes in /etc/security/limits.conf.

When adding an entry the formatting will be as follows:

#<domain>        <type>  <item>  <value>

1. <domain>: will be username, group, or a wildcard
2. <type>: will be either soft or hard for the limit type
3. <item>: will be one from the below list

core – limits the core file size (KB)

data – max data size (KB)

size – maximum filesize (KB)

memlock – max locked-in-memory address space (KB)

nofile – max number of open file descriptors

rss – max resident set size (KB)

Advertisement

stack – max stack size (KB)

cpu – max CPU time (MIN)

nproc – max number of processes

as – address space limit (KB)

maxlogins – max number of logins for this user

Advertisement

maxsyslogins – max number of logins on the system

priority – the priority to run user process with

locks – max number of file locks the user can hold

sigpending – max number of pending signals

msgqueue – max memory used by POSIX message queues (bytes)

Advertisement

nice – max nice priority allowed to raise to values: [-20, 19]

rtprio – max realtime priority

4. <value>: will the value of the limit we want to set

Practical Administrator Ulimit Examples

To set a process limit for the user John of 100 append to /etc/security/limits.conf.

john    hard    nproc   100

To set a cpu limit for the developer group to 5 minutes append to /etc/security/limits.conf.

@developer hard    cpu     5

To set a soft limit of the number of open file descriptors to 1000 append to /etc/security/limits.conf.

*       soft    nofile  1000

Wrapping Up

If you find yourself in need of tools to limit resource usage ulimit may be what you need. In this post, we have discussed the ulimit command, starting with the differences between soft and hard limits. Wrapping things up discussing flags and what ulimit can limit to some practical examples with that information.

Additional Reading

For further information check out these resources.

• Check out the man page using the man ulimit command or an online man page.
• The /etc/security/limits.conf file directly as it should have comments though if it doesn’t the Arch Wiki is a good reference.