How to check if kernel memory limits are set in Linux

Introduction

In this lab, we will explore how to check and understand kernel memory limits in Linux. We will focus on the vm.overcommit_memory setting, which controls how the kernel handles memory allocation requests.

Through hands-on steps, you will learn to use the sysctl command to view and temporarily modify this kernel parameter, verify memory settings by inspecting the /proc/sys/vm directory, and identify persistent kernel configuration files within /etc/sysctl.d. This lab will provide practical experience in managing and understanding Linux memory behavior.

Skills Graph

%%%%{init: {'theme':'neutral'}}%%%% flowchart RL linux(("Linux")) -.-> linux/BasicFileOperationsGroup(["Basic File Operations"]) linux(("Linux")) -.-> linux/SystemInformationandMonitoringGroup(["System Information and Monitoring"]) linux(("Linux")) -.-> linux/UserandGroupManagementGroup(["User and Group Management"]) linux/BasicFileOperationsGroup -.-> linux/ls("Content Listing") linux/BasicFileOperationsGroup -.-> linux/cat("File Concatenating") linux/SystemInformationandMonitoringGroup -.-> linux/service("Service Managing") linux/UserandGroupManagementGroup -.-> linux/env("Environment Managing") linux/UserandGroupManagementGroup -.-> linux/export("Variable Exporting") subgraph Lab Skills linux/ls -.-> lab-558795{{"How to check if kernel memory limits are set in Linux"}} linux/cat -.-> lab-558795{{"How to check if kernel memory limits are set in Linux"}} linux/service -.-> lab-558795{{"How to check if kernel memory limits are set in Linux"}} linux/env -.-> lab-558795{{"How to check if kernel memory limits are set in Linux"}} linux/export -.-> lab-558795{{"How to check if kernel memory limits are set in Linux"}} end

Check memory limits with sysctl vm.overcommit

In this step, we will explore how Linux manages memory allocation, specifically focusing on the vm.overcommit_memory setting using the sysctl command.

The sysctl command is used to modify kernel parameters at runtime. These parameters are often stored in the /proc/sys/ directory. The vm.overcommit_memory parameter controls how the kernel handles requests for memory that exceed the available physical RAM.

There are three possible values for vm.overcommit_memory:

0: Heuristic overcommit. The kernel attempts to estimate if a memory allocation request is possible. This is the default setting.
1: Always overcommit. The kernel always grants memory allocation requests, even if they exceed available memory. This can lead to processes being killed later if they actually try to use the memory.
2: Never overcommit. The kernel will not grant memory allocation requests if they exceed the total available swap space plus a configurable percentage of physical RAM.

Let's check the current value of vm.overcommit_memory. Open your terminal and type the following command:

sysctl vm.overcommit_memory

Press Enter.

You should see output similar to this:

vm.overcommit_memory = 0

This output shows that the current setting for vm.overcommit_memory is 0, which means the kernel is using heuristic overcommit.

Understanding this setting is important for managing system resources and preventing out-of-memory errors in certain applications.

Now, let's try to change this value temporarily. We can do this by using sudo sysctl -w. The -w flag allows you to write a new value to a kernel parameter.

Type the following command to set vm.overcommit_memory to 1:

sudo sysctl -w vm.overcommit_memory=1

Press Enter.

You should see output confirming the change:

vm.overcommit_memory = 1

Now, let's check the value again to confirm it has changed:

sysctl vm.overcommit_memory

Press Enter.

The output should now show:

vm.overcommit_memory = 1

Note that changes made with sysctl -w are temporary and will be reset when the system restarts. We will explore how to make these changes permanent in a later step.

Click Continue to proceed to the next step.

Verify memory settings in /proc/sys/vm

In the previous step, we used the sysctl command to check and change the vm.overcommit_memory kernel parameter. Now, let's see where these parameters are actually stored in the file system.

Linux exposes kernel parameters through a virtual file system located at /proc/sys. This file system doesn't contain real files on disk, but rather provides an interface to interact with the running kernel.

The memory-related parameters are located in the /proc/sys/vm/ directory. We can use the ls command to list the files in this directory.

Open your terminal and type the following command:

ls /proc/sys/vm/

Press Enter.

You will see a list of files, each representing a kernel parameter related to virtual memory. The output will look similar to this (the exact files may vary slightly depending on the kernel version):

admin_reserve_kbytes            hugetlb_shm_group             oom_kill_allocating_task
block_dump                      laptop_mode                   oom_score_adj
compact_hueristics              lowmem_reserve_ratio          overcommit_memory
compact_memory                  max_map_count                 overcommit_ratio
... (many more files)

Notice the file named overcommit_memory. This file contains the current value of the vm.overcommit_memory parameter that we were working with in the previous step.

We can use the cat command to view the content of this file. Remember that we set the value to 1 in the previous step.

Type the following command:

cat /proc/sys/vm/overcommit_memory

Press Enter.

The output should be:

This confirms that the value we set using sysctl -w is reflected in the /proc/sys/vm/overcommit_memory file.

You can also view other memory-related parameters in this directory using cat. For example, to see the overcommit ratio:

cat /proc/sys/vm/overcommit_ratio

Press Enter.

The output will show the current overcommit ratio, which is used when vm.overcommit_memory is set to 2.

Exploring the files in /proc/sys/vm/ is a great way to understand the various kernel parameters that control memory management in Linux.

Click Continue to move on to the next step.

Inspect sysctl config in /etc/sysctl.d

In the previous steps, we learned how to check and temporarily change kernel parameters using sysctl and how these parameters are reflected in the /proc/sys file system. However, changes made with sysctl -w are not permanent. To make kernel parameter changes persistent across reboots, we need to configure them in specific configuration files.

The primary location for persistent sysctl configurations is the /etc/sysctl.conf file. Additionally, Linux systems often use the /etc/sysctl.d/ directory to store configuration snippets in separate files. This modular approach makes it easier to manage configurations for different applications or system components.

Let's inspect the contents of the /etc/sysctl.d/ directory. We can use the ls command to list the files within this directory.

Open your terminal and type the following command:

ls /etc/sysctl.d/

Press Enter.

You will see a list of configuration files. These files typically have a .conf extension. The output might look something like this:

10-console-messages.conf  10-kernel-hardening.conf  10-tcp-congestion-control.conf  99-sysctl.conf

Each of these files can contain sysctl parameter settings in the format parameter = value. When the system boots, it reads /etc/sysctl.conf and then all files in /etc/sysctl.d/ in alphabetical order to apply the persistent kernel parameter settings.

Let's view the content of one of these configuration files, for example, 10-kernel-hardening.conf. We can use the cat command to display its content.

Type the following command:

cat /etc/sysctl.d/10-kernel-hardening.conf

Press Enter.

You will see the kernel parameters configured in this file. The content will vary, but it might include settings related to security or system behavior.

#
## sysctl settings for kernel hardening
#

## Disable unprivileged user namespaces
kernel.unprivileged_userns_clone=0

## Protect against symlink attacks
fs.protected_hardlinks=1
fs.protected_symlinks=1

## Disable kexec
kernel.kexec_load_disabled=1

## Disable bpf JIT
net.core.bpf_jit_enable=0

## Disable ptrace access to other processes
kernel.yama.ptrace_scope=1

You can see how kernel parameters like kernel.unprivileged_userns_clone and fs.protected_hardlinks are set here.

To make our vm.overcommit_memory=1 setting permanent, we would typically add the line vm.overcommit_memory = 1 to a new or existing file in /etc/sysctl.d/ (or in /etc/sysctl.conf). However, for the purpose of this introductory lab, we will not make this change permanent.

Understanding the /etc/sysctl.d/ directory is crucial for configuring persistent kernel parameter settings on your Linux system.

Click Continue to complete this lab.

Summary

In this lab, we learned how to check and understand kernel memory limits in Linux, specifically focusing on the vm.overcommit_memory setting. We used the sysctl command to view the current value of this parameter, which controls how the kernel handles memory allocation requests that exceed available physical RAM. We explored the three possible values (0, 1, and 2) and their implications for memory management. We also practiced temporarily changing the vm.overcommit_memory value using sudo sysctl -w.

Furthermore, we verified kernel memory settings by inspecting the /proc/sys/vm directory, which provides a filesystem interface to kernel parameters. We also learned how to identify persistent kernel parameter configurations by examining files within the /etc/sysctl.d directory. These steps provided a comprehensive understanding of how to check and locate kernel memory limit settings in a Linux environment.