1LIMITS.CONF(5) Linux-PAM Manual LIMITS.CONF(5)
2
3
4
6 limits.conf - configuration file for the pam_limits module
7
9 The syntax of the lines is as follows:
10
11 <domain> <type> <item> <value>
12
13 The fields listed above should be filled as follows:
14
15 <domain>
16
17 · a username
18
19 · a groupname, with @group syntax. This should not be confused
20 with netgroups.
21
22 · the wildcard *, for default entry.
23
24 · the wildcard %, for maxlogins limit only, can also be used with
25 %group syntax.
26
27 <type>
28
29 hard
30 for enforcing hard resource limits. These limits are set by the
31 superuser and enforced by the Kernel. The user cannot raise his
32 requirement of system resources above such values.
33
34 soft
35 for enforcing soft resource limits. These limits are ones that
36 the user can move up or down within the permitted range by any
37 pre-existing hard limits. The values specified with this token
38 can be thought of as default values, for normal system usage.
39
40 -
41 for enforcing both soft and hard resource limits together.
42
43 Note, if you specify a type of ´-´ but neglect to supply the
44 item and value fields then the module will never enforce any
45 limits on the specified user/group etc. .
46
47 <item>
48
49 core
50 limits the core file size (KB)
51
52 data
53 maximum data size (KB)
54
55 fsize
56 maximum filesize (KB)
57
58 memlock
59 maximum locked-in-memory address space (KB)
60
61 nofile
62 maximum number of open files
63
64 rss
65 maximum resident set size (KB) (Ignored in Linux 2.4.30 and
66 higher)
67
68 stack
69 maximum stack size (KB)
70
71 cpu
72 maximum CPU time (minutes)
73
74 nproc
75 maximum number of processes
76
77 as
78 address space limit (KB)
79
80 maxlogins
81 maximum number of logins for this user except for this with
82 uid=0
83
84 maxsyslogins
85 maximum number of logins on system
86
87 priority
88 the priority to run user process with (negative values boost
89 process priority)
90
91 locks
92 maximum locked files (Linux 2.4 and higher)
93
94 sigpending
95 maximum number of pending signals (Linux 2.6 and higher)
96
97 msqqueue
98 maximum memory used by POSIX message queues (bytes) (Linux 2.6
99 and higher)
100
101 nice
102 maximum nice priority allowed to raise to (Linux 2.6.12 and
103 higher) values: [-20,19]
104
105 rtprio
106 maximum realtime priority allowed for non-privileged processes
107 (Linux 2.6.12 and higher)
108
109 All items support the values -1, unlimited or infinity indicating no
110 limit, except for priority and nice.
111
112 If a hard limit or soft limit of a resource is set to a valid value,
113 but outside of the supported range of the local system, the system may
114 reject the new limit or unexpected behavior may occur. If the control
115 value required is used, the module will reject the login if a limit
116 could not be set.
117
118 In general, individual limits have priority over group limits, so if
119 you impose no limits for admin group, but one of the members in this
120 group have a limits line, the user will have its limits set according
121 to this line.
122
123 Also, please note that all limit settings are set per login. They are
124 not global, nor are they permanent; existing only for the duration of
125 the session.
126
127 In the limits configuration file, the ´#´ character introduces a
128 comment - after which the rest of the line is ignored.
129
130 The pam_limits module does report configuration problems found in its
131 configuration file and errors via syslog(3).
132
134 These are some example lines which might be specified in
135 /etc/security/limits.conf.
136
137 * soft core 0
138 * hard rss 10000
139 @student hard nproc 20
140 @faculty soft nproc 20
141 @faculty hard nproc 50
142 ftp hard nproc 0
143 @student - maxlogins 4
144
145
147 pam_limits(8), pam.d(5), pam(8), getrlimit(2) getrlimit(3p)
148
150 pam_limits was initially written by Cristian Gafton <gafton@redhat.com>
151
152
153
154Linux-PAM Manual 03/02/2009 LIMITS.CONF(5)