1LIMITS.CONF(5) Linux-PAM Manual LIMITS.CONF(5)
2
6 limits.conf - configuration file for the pam_limits module
7
9 The syntax of the lines is as follows:
10 <domain> <type> <item> <value>
12 The fields listed above should be filled as follows:
14 <domain>
16 · a username
18 · a groupname, with @group syntax. This should not be confused
20 with netgroups.
21 · the wildcard *, for default entry.
23 · the wildcard %, for maxlogins limit only, can also be used with
25 %group syntax.
26 <type>
28 hard
30 for enforcing hard resource limits. These limits are set by the
31 superuser and enforced by the Kernel. The user cannot raise his
32 requirement of system resources above such values.
33 soft
35 for enforcing soft resource limits. These limits are ones that
36 the user can move up or down within the permitted range by any
37 pre-existing hard limits. The values specified with this token
38 can be thought of as default values, for normal system usage.
39 -
41 for enforcing both soft and hard resource limits together.
42 Note, if you specify a type of ´-´ but neglect to supply the
44 item and value fields then the module will never enforce any
45 limits on the specified user/group etc. .
46 <item>
48 core
50 limits the core file size (KB)
51 data
53 maximum data size (KB)
54 fsize
56 maximum filesize (KB)
57 memlock
59 maximum locked-in-memory address space (KB)
60 nofile
62 maximum number of open files
63 rss
65 maximum resident set size (KB) (Ignored in Linux 2.4.30 and
66 higher)
67 stack
69 maximum stack size (KB)
70 cpu
72 maximum CPU time (minutes)
73 nproc
75 maximum number of processes
76 as
78 address space limit (KB)
79 maxlogins
81 maximum number of logins for this user except for this with
82 uid=0
83 maxsyslogins
85 maximum number of logins on system
86 priority
88 the priority to run user process with (negative values boost
89 process priority)
90 locks
92 maximum locked files (Linux 2.4 and higher)
93 sigpending
95 maximum number of pending signals (Linux 2.6 and higher)
96 msqqueue
98 maximum memory used by POSIX message queues (bytes) (Linux 2.6
99 and higher)
100 nice
102 maximum nice priority allowed to raise to (Linux 2.6.12 and
103 higher) values: [-20,19]
104 rtprio
106 maximum realtime priority allowed for non-privileged processes
107 (Linux 2.6.12 and higher)
108 All items support the values -1, unlimited or infinity indicating no
110 limit, except for priority and nice.
111 If a hard limit or soft limit of a resource is set to a valid value,
113 but outside of the supported range of the local system, the system may
114 reject the new limit or unexpected behavior may occur. If the control
115 value required is used, the module will reject the login if a limit
116 could not be set.
117 In general, individual limits have priority over group limits, so if
119 you impose no limits for admin group, but one of the members in this
120 group have a limits line, the user will have its limits set according
121 to this line.
122 Also, please note that all limit settings are set per login. They are
124 not global, nor are they permanent; existing only for the duration of
125 the session.
126 In the limits configuration file, the ´#´ character introduces a
128 comment - after which the rest of the line is ignored.
129 The pam_limits module does report configuration problems found in its
131 configuration file and errors via syslog(3).
132
134 These are some example lines which might be specified in
135 /etc/security/limits.conf.
136 * soft core 0
138 * hard rss 10000
139 @student hard nproc 20
140 @faculty soft nproc 20
141 @faculty hard nproc 50
142 ftp hard nproc 0
143 @student - maxlogins 4
144
147 pam_limits(8), pam.d(5), pam(8), getrlimit(2) getrlimit(3p)
148
150 pam_limits was initially written by Cristian Gafton <gafton@redhat.com>
151Linux-PAM Manual 03/02/2009 LIMITS.CONF(5)