PDA

View Full Version : ulimit Changes for File nofiles



derekmceachern
19-Dec-2011, 22:36
I'm really struggling to figure this out. I'm having a similar issues
that was posted to this 'thread'
(http://forums.novell.com/suse/suse-product-discussion-forums/suse-linux-enterprise/suse-linux-enterprise-server-sles/sles-configure-administer/418730-ulimit-changes-work-su-but-ignored-login.html)
but I don't see a solution to the problem.

I'm trying to increase the hard and soft limits for the oracle user by
specifying them in /etc/security/limits.conf

oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 4096
oracle hard nofile 65536
oracle soft stack 10240

All the limits are being applied correctly except the nofile limits.

If I log in as that user, either with a new session or "su - oracle"
the nofile limit is 1024 and can't be adjusted any higher. However, if I
just "su oracle" from the root user the nofile limits are what is
specified in the file.

From what I can gather I need to have the "session require
pam_limits.so" specified in /etc/pam.d/login but as far as I can tell it
is included via the "session include common-session" line.

Any one else have this problem or know of a solution?


--
derekmceachern
------------------------------------------------------------------------
derekmceachern's Profile: http://forums.novell.com/member.php?userid=121489
View this thread: http://forums.novell.com/showthread.php?t=449813

ab
19-Dec-2011, 22:51
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Are you sure there is not something in the 'oracle' user's profile or
login scripts resetting it again to some smaller value? The difference
between 'su' on its own and the options that fail as you described them
is that the other options reset the environment completely where 'su' on
its own does not so you are actually inheriting the previous user's
settings (and the previous user may not have any bash/profile scripts
setting things down to 1024).

Good luck.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJO77HHAAoJEF+XTK08PnB5nXYQAIbz71CiQ0 q+Izb+Vib2v8kR
jAvpJa3Z6Pzrz8jwTbx8ar7aPo2Fbruigph3xsAa3iHVXUWcLR TKHKQXqZdJsuBj
O+r8uK4BbHq7FrzrNcMLDMWQHcBtTSworvrG1SXiC23D1ntTjY OFjyfUpPAP18sE
5FeXEja2Lg/ZhiYbHzZVdca5IHXXbcX7CFpsjkOJThzVNqfkEXDBYU3S6KNi3 aVZ
jqLDeq6RisSSCP71RgjWOUuxbmC+Xgk0UixHosLRJRLOh2wnF4 G1PSdm0mtnODsO
qtUAolOHDebhXKvTyyNE+onF8tK06EvK3jqIwDbaxqSOGFRse+ qwLWLx5MqD25x6
va40ZUXFMcLPc6PNqNSsSDN0aciE9MNcRr+G1Hwfd0e0WqylRg tJkiogy2dOWW2K
IFydLEj1ur7a6Dw6E57Ncnqu9QTfnt8UB3UHjaD1HofQpJKVla H52Ay5br1um2wj
tfhyC3yGhYC1Z7aPinj4HqrY0ia9uUral5w31JMlXMWhjXPgmt XohMQDKDvqTDEx
cPl92jmammCd+T4TmRduxt3ZatzG7fVU7PZlSCb3V7r7Ii/V0LRTw/Y25sNV+bPJ
kj9EhEgJtBdcdWwGNYMnwYKtPRtIRmj2AK7CdR4s+4dQo36TXv uiSV5kn+kpER56
HuaFFqoGICVSSwEKtQSH
=/fh6
-----END PGP SIGNATURE-----

derekmceachern
20-Dec-2011, 03:56
That's really strange.

Your right, there is a limit set in oracle users profile, it's a ksh
shell and it does a

ulimit -n 1024

However, if I try and change the limit using the ulimit command it
fails.

(oracle) $ ulimit -Sn 2048
-ksh: ulimit: 2048: limit exceeded [Invalid argument]

If I remove the ulimit in the .kshrc it gets set correctly and I'm able
to change it.

I guess I don't understand the mechanism here on why the .kshrc ulimit
is taking precedence and preventing it from being modified after login.


--
derekmceachern
------------------------------------------------------------------------
derekmceachern's Profile: http://forums.novell.com/member.php?userid=121489
View this thread: http://forums.novell.com/showthread.php?t=449813

derekmceachern
20-Dec-2011, 04:16
RTFM :-) From ulimit(2)

The -H and -S flags specify whether the hard limit or the
soft limit for the given resource is set. A hard limit can-
not be increased once it is set. A soft limit can be
increased up to the value of the hard limit. If neither the
-H or -S options is specified, the limit applies to both.

That would explain why I can't change the hard limit after it's been
set.


--
derekmceachern
------------------------------------------------------------------------
derekmceachern's Profile: http://forums.novell.com/member.php?userid=121489
View this thread: http://forums.novell.com/showthread.php?t=449813

ab
20-Dec-2011, 05:11
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Exactly. If a hard limit could be increased at runtime by the user
themselves it'd hardly be a limit. :-)

Good luck.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJO8AraAAoJEF+XTK08PnB5QYUP/1cF30IQxMtCILD28Yi9GDF/
IMqJMohYJ6Ay0VrDKBW6mmYuHm4EJPRevUu9yEjEShzh8rRDoH hXOHWItlf8mUTc
ukBkxHQeR48nJjFANYlFrkq378xDzpX3eQHQh0D21unGZ5Xp4D n/S/zcxyiyz/eb
yBJUEBbiQWiOFV+Om0iEDwX1XuHGMlHaIceGOOWytMKGLa5UOD BDFvWqcPGb0ixv
/vIv32uJF942QCLt9wVmf54qrgnDiCbLqkF+eG4LbpTYZO53jzl yLmQHbkHxWROC
RmqcYbRWH1sGM+AsrYczHPX7KNOynvVCjkWrNxi1qN8bMVW9T9 BIHCs+21fGNv5p
/xmfh2aHhT53cOxllCRRe0P5+9554TtWoyRHDs2NTX9Ehi93Vt5 5Gj3xvdjMHenj
vn4/2idtylIx2TMPKYmGS9wLBcmbqqoqFcuMTmXNpjE5hTojQE9kOo fSV1XmQATo
sdmtugof6TKw9/yfwwanSLAk2/kY1AkaPQ9qBxHyCMegViXYRX9NpwJCYsTAt/bO
g3ifpHHiHCwO6DHwiWzeOJn+voc5ukB9tJhLSHtIUUlOhz6AGx efSmJAg44GLArH
IuNLssuGMa4O5Wr+64OXId8J88wiFqWev8pB+3RN6zps2JPQy8 hSyg6vI1ruPDdv
d9dZxuJGbVIL5v0TW0Q1
=6MFt
-----END PGP SIGNATURE-----

derekmceachern
20-Dec-2011, 16:36
But to my way of thinking they should be able to increase the hard limit
to what the system has defined as the hard limit for that user.

I have a system defined limit of 4096 defined in
/etc/security/limits.conf.

User sets hard limit in profile to 1024.

I would expect them to be able to adjust the hard limit up to 4096 but
not beyond.

Either way, I now understand the behaviour and can make it work like I
need.


--
derekmceachern
------------------------------------------------------------------------
derekmceachern's Profile: http://forums.novell.com/member.php?userid=121489
View this thread: http://forums.novell.com/showthread.php?t=449813

ab
20-Dec-2011, 17:06
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yes, you understand it correctly. The problem is that Oracle apparently
does not understand and instead of setting a soft limit (which you could
then control as you tried to do) they set a hard limit, with the
'oracle' user, thus locking you out from making your own changes after
the fact. Silly, but oh well.

Good luck.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJO8LKYAAoJEF+XTK08PnB5WUkP/1j5RyWKMXGLCjYOMPfuTh0y
VzmYk03MbDJMu3Im5JqQkXyj143X+r48moEdBCS4sgT7K3SKM9 0tuzQm6rhUoRXj
lID3ol3QISk8e1LKkhHQYdlIMBBvEMJY/BJ5YOMNr2SmibwCNyUv0SAJnK+VOd4N
dknEN+bHedWNSICaXhcFH+PaYNxC+BxF9h28roQgKTvP4JQYbj Nz+pGHrkdzDJPD
6j8tFzz+/0DFfwU4AMFhWJgqJbbkrlPksknW2ePz3jXw/o73vnLJWsRR+8TILwtU
cqCwXuXZZcFGDWQf3VxJqgF1b2HAmji9Vvm13wSgGJNhjJshtw g4S4Re8xcTirtv
hdtEzsHT1f/LLIvwjVbZZL+paOO+vic0PFpkZTXvUSWH4KldXq4G60t25X4q6 uVU
a2031bvPpj2Vf2AIru3kzpHjdltt9nV92+zmthViq2U/kiKNRY6peoXGmRs7ynic
oQkghH8buGXRgwPpbPk1DK0394Vl1xnvZoXfG4om2JQAYw4fSn kB9STgvkfhSI9V
mg5MFpaQCKEZsGEGRmhh+pR5IDNpkri+pBkJydsj+v+tKA7R6g SKh6RetWcgDsZZ
s+KekEOTdMLVZEb8SDquXBaaZ1y1y8h75bX8FtdsosiQKFwCKc eazWrYSvJKWNGk
0ieLpgWNx4OTg07EvDlM
=TgXC
-----END PGP SIGNATURE-----

chussi
25-Apr-2012, 12:54
Hey, I have a similar problem.

I canīt set the ulimit to 65536 for user root.

I setup /etc/security/limits.conf
root hard nofile 65536
But ulimit -n is keeps showing 1024

Where is 1024 being set - how can I change it ?

Entries for oracle users are working fine with the configure limits.conf

chris