sean的农场
large picture of the cover

limit.conf配置文件解析

Linux资源限制配置文件是/etc/security/limits.conf。限制用户可使用的资源数量对系统的稳定性非常重要。您可以通过调整资源限制数量改进系统性能。limits.conf文件如下所示:

# /etc/security/limits.conf
#
#This file sets the resource limits for the users logged in via PAM.
#It does not affect resource limits of the system services.
#
#Also note that configuration files in /etc/security/limits.d directory,
#which are read in alphabetical order, override the settings in this
#file in case the domain is the same or more specific.
#That means, for example, that setting a limit for wildcard domain here
#can be overridden with a wildcard setting in a config file in the
#subdirectory, but a user specific setting here can be overridden only
#with a user specific setting in the subdirectory.
#
#Each line describes a limit for a user in the form:
#
#<domain>        <type>  <item>  <value>
#
#Where:
#<domain> can be:
#        - a user name
#        - a group name, with @group syntax
#        - the wildcard *, for default entry
#        - the wildcard %, can be also used with %group syntax,
#                 for maxlogin limit
#
#<type> can have the two values:
#        - "soft" for enforcing the soft limits
#        - "hard" for enforcing hard limits
#
#<item> can be one of the following:
#        - core - limits the core file size (KB)
#        - data - max data size (KB)
#        - fsize - maximum filesize (KB)
#        - memlock - max locked-in-memory address space (KB)
#        - nofile - max number of open file descriptors
#        - rss - max resident set size (KB)
#        - stack - max stack size (KB)
#        - cpu - max CPU time (MIN)
#        - nproc - max number of processes
#        - as - address space limit (KB)
#        - maxlogins - max number of logins for this user
#        - maxsyslogins - max number of logins on the system
#        - priority - the priority to run user process with
#        - locks - max number of file locks the user can hold
#        - sigpending - max number of pending signals
#        - msgqueue - max memory used by POSIX message queues (bytes)
#        - nice - max nice priority allowed to raise to values: [-20, 19]
#        - rtprio - max realtime priority
#
#<domain>      <type>  <item>         <value>
#

#*               soft    core            0
#*               hard    rss             10000
#@student        hard    nproc           20
#@faculty        soft    nproc           20
#@faculty        hard    nproc           50
#ftp             hard    nproc           0
#@student        -       maxlogins       4

# End of file

其中soft是一个警告值,hard是真正意义的阈值,超过系统就会报错,一般情况下两者设为同一个值。一般保持系统安装时的默认值即可。可配置的资源有如下种类:

资源项

含义

core

内核文件大小(KB)

data

最大数据大小(KB)

fsize

最大文件大小(KB)

memlock

最大锁定内存地址空间(KB)

nofile

最大打开的文件描述符数量

rss

最大持久设置大小(KB)

stack

最大堆栈大小(KB)

cpu

最大CPU时间(分钟)

noproc

最大进程数量

as

地址空间限制(KB)

maxlogins

用户最大登录次数

maxsyslogins

系统上登录的最大数量

priority

运行用户进程的优先级

locks

用户可持有的最大文件锁数量

sigpending

最大挂起的信号数量

msgqueue

POSIX消息队列使用的最大内存(字节)

nice

最大可提升到的合适优先级

rtprio

最大实时优先级

nofile、noproc、core参数可修改为如下值:

# *表示所有用户,可只设置root和特定用户
* soft nofile 65536
# 注意:设置nofile的hard limit不能大于/proc/sys/fs/nr_open,否则注销后将无法正常登陆
* hard nofile 65535
* soft nproc 65536
* hard nproc 65535
# unlimited表示无限制
* soft core unlimited
* hard core unlimited

site logo

© 2025 sean的农场