How to check if ulimit settings are applied in Linux

Introduction

In this lab, you will learn how to verify if ulimit settings are correctly applied in Linux. You will explore different methods to check resource limits, starting with displaying the current shell's limits using ulimit -a.

Following that, you will examine the system-wide configuration file /etc/security/limits.conf to understand how limits are set for users and groups. Finally, you will learn how to verify the actual limits applied to a running process by inspecting its /proc entry. This hands-on approach will provide a comprehensive understanding of how resource limits function and how to troubleshoot related issues in a Linux environment.

Skills Graph

%%%%{init: {'theme':'neutral'}}%%%% flowchart RL linux(("Linux")) -.-> linux/BasicSystemCommandsGroup(["Basic System Commands"]) linux(("Linux")) -.-> linux/BasicFileOperationsGroup(["Basic File Operations"]) linux(("Linux")) -.-> linux/UserandGroupManagementGroup(["User and Group Management"]) linux/BasicSystemCommandsGroup -.-> linux/echo("Text Display") linux/BasicSystemCommandsGroup -.-> linux/help("Command Assistance") linux/BasicFileOperationsGroup -.-> linux/cat("File Concatenating") linux/UserandGroupManagementGroup -.-> linux/env("Environment Managing") subgraph Lab Skills linux/echo -.-> lab-558811{{"How to check if ulimit settings are applied in Linux"}} linux/help -.-> lab-558811{{"How to check if ulimit settings are applied in Linux"}} linux/cat -.-> lab-558811{{"How to check if ulimit settings are applied in Linux"}} linux/env -.-> lab-558811{{"How to check if ulimit settings are applied in Linux"}} end

Display limits with ulimit -a

In this step, you will learn about resource limits in Linux using the ulimit command. Resource limits control the maximum amount of system resources that a process can use. This is important for system stability and preventing a single process from consuming all available resources.

The ulimit command allows you to view and set these limits for the current shell session and any processes started from it.

To display all current resource limits, open your terminal and type the following command:

ulimit -a

Press Enter.

You will see output similar to this:

core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) <placeholder>
max locked memory       (kbytes, -l) <placeholder>
max memory size         (kbytes, -m) unlimited
open files                      (-n) <placeholder>
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) <placeholder>
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) <placeholder>
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

The output shows various resource limits, such as the maximum number of open files (-n), the maximum number of user processes (-u), and the maximum stack size (-s). The unlimited value means there is no enforced limit for that resource.

Understanding these limits is crucial for diagnosing performance issues or unexpected program behavior. For example, if a program fails because it cannot open enough files, checking the open files limit with ulimit -a would be a good first step.

You can also view individual limits by specifying the option. For example, to see the limit on the number of open files:

ulimit -n

This will output a single number representing the current limit for open files.

Experiment with the ulimit -a command in your terminal. Familiarize yourself with the different types of limits displayed.

Click Continue to proceed to the next step.

Check limits config with cat /etc/security/limits.conf

In the previous step, you used ulimit -a to see the current resource limits for your shell session. These limits are often configured system-wide in a file called /etc/security/limits.conf.

This file is part of the Pluggable Authentication Modules (PAM) framework and allows administrators to set resource limits for users and groups upon login.

Let's view the contents of this configuration file using the cat command. cat is a simple command used to display the content of files.

Open your terminal and type the following command:

cat /etc/security/limits.conf

Press Enter.

You will see the content of the limits.conf file. The output will look something like this (comments and specific entries may vary):

## /etc/security/limits.conf
#
#This file sets the limits for the resources available to the login session of
#users and groups. It is used together with the pam_limits module.
#
## (it is recommended to use #include files from /etc/security/limits.d/)
#

#*               soft    core            0
#root            hard    core            unlimited
#*               hard    rss             10000
#@student        hard    nproc           20
#@faculty        soft    nproc           unlimited
#@faculty        hard    nproc           50
#ftp             hard    nproc           0
#@student        -       maxlogins       4

This file uses a simple format:

<domain> <type> <item> <value>

<domain>: Specifies the user or group the limit applies to. It can be a username, a group name (preceded by @), or * for all users.
<type>: Can be soft or hard.
- soft limits are the current limits that can be increased by the user (up to the hard limit).
- hard limits are the maximum limits that a non-root user cannot exceed.
<item>: The resource item being limited (e.g., nproc for the number of processes, nofile for the number of open files).
<value>: The limit value.

Lines starting with # are comments and are ignored.

Notice the line ## (it is recommended to use #include files from /etc/security/limits.d/). This indicates that system-specific or application-specific limits are often placed in separate files within the /etc/security/limits.d/ directory. This helps keep the main limits.conf file clean and organized.

While you won't modify this file in this lab, understanding its structure and purpose is important for system administration. The limits you saw with ulimit -a are often derived from the settings in this file and files in limits.d.

Click Continue to move to the next step.

Verify process limits with cat /proc/self/limits

In the previous steps, you learned about ulimit for viewing current session limits and /etc/security/limits.conf for system-wide configuration. Now, let's look at how a running process reports its own limits.

Linux provides a virtual filesystem called /proc that contains information about running processes and the system kernel. Each running process has a directory under /proc named after its Process ID (PID).

The special directory /proc/self is a symbolic link that points to the /proc directory of the process accessing it. So, when you are in your terminal and access /proc/self, you are looking at the information for your current shell process.

Inside the /proc/self directory, there is a file named limits that contains the resource limits for that specific process.

Let's view the limits for your current shell process using cat:

cat /proc/self/limits

Press Enter.

You will see output similar to this:

Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds
Max file size             unlimited            unlimited            bytes
Max data size             unlimited            unlimited            bytes
Max stack size            8388608              unlimited            bytes
Max core file size        0                    unlimited            bytes
Max resident set          unlimited            unlimited            bytes
Max processes             unlimited            unlimited            processes
Max open files            1048576              1048576              files
Max locked memory         65536                65536                bytes
Max address space         unlimited            unlimited            bytes
Max file locks            unlimited            unlimited            locks
Max pending signals       <placeholder>        <placeholder>        signals
Max msgqueue size         819200               819200               bytes
Max nice priority         0                    0
Max realtime priority     0                    0
Max realtime timeout      unlimited            unlimited            us

This output shows the Soft Limit and Hard Limit for each resource, similar to what you saw with ulimit -a. The values here reflect the actual limits applied to the process that executed the cat command (your shell).

Compare the output of cat /proc/self/limits with the output of ulimit -a from the first step. You should see that the values are consistent, as ulimit -a reports the limits of the current shell process.

The /proc filesystem is a powerful tool for inspecting the state of your Linux system and its processes. The limits file within each process's directory provides a direct way to verify the resource limits that are in effect for that specific process.

You have now learned three different ways to interact with resource limits in Linux: viewing current session limits with ulimit -a, examining the system-wide configuration in /etc/security/limits.conf, and checking the limits for a specific process via /proc/<PID>/limits (or /proc/self/limits).

Click Continue to complete this lab.

Summary

In this lab, you learned how to check if ulimit settings are applied in Linux. You started by using the ulimit -a command to display the current resource limits for the shell session, understanding the various limits like open files, user processes, and stack size. This command provides a quick overview of the limits inherited by processes launched from the current shell.

Next, you explored the system-wide configuration file /etc/security/limits.conf using cat. This file defines default resource limits for users and groups, which are applied upon login. Finally, you verified the actual resource limits for a running process by examining /proc/self/limits, which shows the effective limits for the current process, demonstrating how to check the limits applied to a specific process instance.