?
Solved

RHEL 6 and /etc/security/limits.conf

Posted on 2011-04-20
37
Medium Priority
?
18,068 Views
Last Modified: 2013-11-17
I am on RHEL 6 and need to increase the limits for

  max open files

  max processes

Open in new window


I have the following config:

-bash-4.1$ cat /proc/sys/fs/file-max
14466720
-bash-4.1$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Open in new window


Specifically, I need max open files to be unlimited and max processes to be 4096. for user mqm

I have no entries in my limits.conf file

How do I set up the  limits.conf file and what is the difference between hard and soft ?

Thanks
0
Comment
Question by:Los Angeles1
  • 21
  • 14
  • +1
37 Comments
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35437406
Add those two lines into /etc/security/limits.conf
----------
*    hard    nofile   unlimited
*    hard    nproc    4096
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35437414
Woo, for user mqm
-----------
mqm    soft     nofile   unlimited
mqm    hard    nproc    4096
-----------

Based on man page of ulimit:
----------
A hard limit cannot be increased once it is set;
a soft limit may be increased up to the value of the hard limit.
0
 

Author Comment

by:Los Angeles1
ID: 35438040
Would there be anything wrong with simply using the default entries:

*    hard    nofile   unlimited
*    hard    nproc    4096

without putting the values specifically for mqm ?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 12

Expert Comment

by:upanwar
ID: 35438138
Would there be anything wrong with simply using the default entries:

*    hard    nofile   unlimited
*    hard    nproc    4096

without putting the values specifically for mqm ?


With the default entry it would set these limit for every user including mqm. After making these entry you need to log off and log in again to make the changes effective.
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35438199
As I first post, which is I use for all the users most of time.

As your original question, you ask for specific for mqm. Therefore comes the second post.

I would not give eveyone unlimited for max open files (1024 is good for regular user), neither max processes for 4096 (1024 is enough).
0
 

Author Comment

by:Los Angeles1
ID: 35441225
I placed the following into my /etc/security/limits.conf, as in post 2 (limits for mqm)

mqm    soft    nofile   unlimited
mqm    hard    nproc    4096

Open in new window


Then I rebooted

I was still having problems with MQ (will not connect well with broker0

so I did the following:

[root@WEST5 security]# su - mqm

MQSI 7.0.0.2
/opt/ibm/mqsi/7.0

-bash-4.1$ whoami
mqm
-bash-4.1$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Open in new window



Why would my max user processes still be 1024 ?
0
 

Author Comment

by:Los Angeles1
ID: 35441839
I changed the limits.conf to the following:

*    hard    nofile   unlimited
*    hard    nproc    4096

mqm    soft     nofile   unlimited
mqm    hard    nproc    4096

Open in new window


Now every time I log in as root, it accepts my pw, and pops right out of the putty session immediately

Same things happens if I log in through the GUI in the IMM

Any ideas how I can get back on the system ?

Thanks
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35442224
> every time I log in as root, it accepts my pw, and pops right out of the putty session immediately
You dirrectly login as root, or "su -"?
0
 

Author Comment

by:Los Angeles1
ID: 35442244
I log in directly as root
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35442590
Then can you login as regular user and su to root.
0
 

Author Comment

by:Los Angeles1
ID: 35442599
I am afraid I only have root and mqm defined as users, and do not know the native mqm pw
0
 

Author Comment

by:Los Angeles1
ID: 35442606
I did try loging into root from the GUI, but htat accepts my root pw, but then flashes me out
0
 

Author Comment

by:Los Angeles1
ID: 35443508
I can get into root now,   Took an emergency disk and changed the limits.conf file

At first I did the following limits.conf file:

mqm    soft    nofile   unlimited
mqm    hard    nproc    4096

Then I rebooted and did a ulimit -a:

7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:

      

[root@WEST5 security]# su - mqm

MQSI 7.0.0.2
/opt/ibm/mqsi/7.0

-bash-4.1$ whoami
mqm
-bash-4.1$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Notice the max user processes is still 1024, even thoug I set it to 096, so thinking that the default noprocs was acting as a ceiling (preventing anything from going over 1024, I set the following

So I set the following (which got me into trouble), could not log in:

*    hard    nofile   unlimited
*    hard    nproc    4096

mqm    soft     nofile   unlimited
mqm    hard    nproc    4096

Now I have limits.conf back to this:

mqm    soft     nofile   unlimited
mqm    hard    nproc    4096

but I am back to my question, why does it not increase the max user processes above 1024, and how can I get it to allow 4096 for mqm
0
 

Author Comment

by:Los Angeles1
ID: 35443552
I can get into root now,   Took an emergency disk and changed the limits.conf

At first I did the following limits.conf file:

mqm    soft    nofile   unlimited
mqm    hard    nproc    4096

Open in new window


Then I rebooted and did a ulimit -a:

su - mqm

MQSI 7.0.0.2
/opt/ibm/mqsi/7.0

-bash-4.1$ whoami
mqm
-bash-4.1$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Open in new window


Notice the max user processes is still 1024, even thoug I set it to 096, so thinking that the default noprocs was acting as a ceiling (preventing anything from going over 1024, I set the following

So I set the following (which got me into trouble), could not log in:

*    hard    nofile   unlimited
*    hard    nproc    4096

mqm    soft     nofile   unlimited
mqm    hard    nproc    4096

Open in new window


Now I have limits.conf back to this (in order to get it to login back into root sucessfully)

mqm    soft     nofile   unlimited
mqm    hard    nproc    4096

Open in new window


but I am back to my question, why does it not increase the max user processes above 1024, and how can I get it to allow 4096 for mqm
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35443625
It looks like the PAM configuration issue.
Could you post
# cd /etc/pam.d
# grep limits *
0
 

Author Comment

by:Los Angeles1
ID: 35443674
[root@WEST5 /]# cd etc
[root@WEST5 etc]# cd pam.d
[root@WEST5 pam.d]#
[root@WEST5 pam.d]# grep limits *
fingerprint-auth:session     required      pam_limits.so
fingerprint-auth-ac:session     required      pam_limits.so
password-auth:session     required      pam_limits.so
password-auth-ac:session     required      pam_limits.so
runuser:session         required        pam_limits.so
smartcard-auth:session     required      pam_limits.so
smartcard-auth-ac:session     required      pam_limits.so
sudo:session    required     pam_limits.so
sudo-i:session    required     pam_limits.so
system-auth:session     required      pam_limits.so
system-auth-ac:session     required      pam_limits.so
[root@WEST5 pam.d]#

Open in new window

0
 

Author Comment

by:Los Angeles1
ID: 35444042
Does this indicate a PAM problem.  Does this mean PAM is not an issue.

Any ideas
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35444426
I need to do some investigation.
Back to your orignal request. Could you
su - mqa
and added the following into ~/.bashrc
---------
ulimit -Hn unlimited
ulimit -Hu 4096
--------
and see if this work?

By the way, set a password for "mqm" in case of this issue you encounter before.
(as root)
# passwd mqm
<type in password twice>
0
 

Author Comment

by:Los Angeles1
ID: 35444653
I created the following .bashrc in /var/mqm

echo This is line 1, .bashrc
ulimit -Hn unlimited
echo This is line 2, .bashrc
ulimit -Hu 4096
echo This is line 3, .bashrc
. /opt/ibm/mqsi/7.0/bin/mqsiprofile

Open in new window


I created the following .bash_profile in /var/mqm

echo This is line 1, .bash_profile
ulimit -Hn unlimited
echo This is line 2, .bash_profile
ulimit -Hu 4096
echo This is line 3, .bash_profile
. /opt/ibm/mqsi/7.0/bin/mqsiprofile

Open in new window



I performed the following:

[root@WEST5 mqm]# su mqm
This is line 1, .bashrc
bash: ulimit: open files: cannot modify limit: Operation not permitted
This is line 2, .bashrc
This is line 3, .bashrc

MQSI 7.0.0.2
/opt/ibm/mqsi/7.0

bash-4.1$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Open in new window



And then did the login:

bash-4.1$ exit
exit
[root@WEST5 mqm]# su - mqm
This is line 1, .bash_profile
-bash: ulimit: open files: cannot modify limit: Operation not permitted
This is line 2, .bash_profile
This is line 3, .bash_profile

MQSI 7.0.0.2
/opt/ibm/mqsi/7.0

-bash-4.1$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Open in new window



So the command will not allow me to change the nofiles, it does allow
the -Hu, but the max user value is not updated

Could there be an issue with the default user limits not being set
to a higher liit, and thus acting as a ceiling or bottleneck to
the individual user limits ?
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35444672
What's the output of
ulimit -Ha
0
 

Author Comment

by:Los Angeles1
ID: 35444776
I performed the following:

[root@WEST5 ~]#
[root@WEST5 ~]#
[root@WEST5 ~]#
[root@WEST5 ~]# su mqm
This is line 1, .bashrc
bash: ulimit: open files: cannot modify limit: Operation not permitted
This is line 2, .bashrc
This is line 3, .bashrc

MQSI 7.0.0.2
/opt/ibm/mqsi/7.0

bash-4.1$ ulimit -Ha
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) unlimited
cpu time               (seconds, -t) unlimited
max user processes              (-u) 4096
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
bash-4.1$
bash-4.1$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
bash-4.1$
bash-4.1$
bash-4.1$ exit
exit
[root@WEST5 ~]#
[root@WEST5 ~]#
[root@WEST5 ~]# su - mqm
This is line 1, .bash_profile
-bash: ulimit: open files: cannot modify limit: Operation not permitted
This is line 2, .bash_profile
This is line 3, .bash_profile

MQSI 7.0.0.2
/opt/ibm/mqsi/7.0

-bash-4.1$ ulimit -Ha
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) unlimited
cpu time               (seconds, -t) unlimited
max user processes              (-u) 4096
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
-bash-4.1$
-bash-4.1$ ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Open in new window


Prior to that I perofmred the following from root

root@WEST5 ~]# ulimit -Ha
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) unlimited
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1161386
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
[root@WEST5 ~]#

Open in new window



0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35445064
As root, do
ulimit -Hn unlimited
And login as mqm to see the result
0
 

Author Comment

by:Los Angeles1
ID: 35447812
The operation is not permitted under  root

[root@WEST5 ~]# whoami
root
[root@WEST5 ~]# ulimit -Hn unlimited
-bash: ulimit: open files: cannot modify limit: Operation not permitted
[root@WEST5 ~]#
[root@WEST5 ~]# su - mqm
This is line 1, .bash_profile
-bash: ulimit: open files: cannot modify limit: Operation not permitted
This is line 2, .bash_profile
This is line 3, .bash_profile

MQSI 7.0.0.2
/opt/ibm/mqsi/7.0

-bash-4.1$ ulimit -Ha
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) unlimited
cpu time               (seconds, -t) unlimited
max user processes              (-u) 4096
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Open in new window

0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35449356
It seems there are some change from RHEL 5 to RHEL6
https://groups.google.com/a/cloudera.org/group/cdh-user/browse_thread/thread/ec7a6ecf986f5f59

I don't have RHEL 6 at hands.
Could you post /etc/security/limits.conf here?
0
 

Author Comment

by:Los Angeles1
ID: 35449747
This is my RHEL 6 limits.conf (with modifications

[root@WEST5 security]# pwd
/etc/security
[root@WEST5 security]# cat limits.conf
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
#
#<domain>        <type>  <item>  <value>
#
#Where:
#<domain> can be:
#        - an user name
#        - a group name, with @group syntax
#        - the wildcard *, for default entry
#        - the wildcard %, can be also used with %group syntax,
#                 for maxlogin limit
#
#<type> can have the two values:
#        - "soft" for enforcing the soft limits
#        - "hard" for enforcing hard limits
#
#<item> can be one of the following:
#        - core - limits the core file size (KB)
#        - data - max data size (KB)
#        - fsize - maximum filesize (KB)
#        - memlock - max locked-in-memory address space (KB)
#        - nofile - max number of open files
#        - rss - max resident set size (KB)
#        - stack - max stack size (KB)
#        - cpu - max CPU time (MIN)
#        - nproc - max number of processes
#        - as - address space limit (KB)
#        - maxlogins - max number of logins for this user
#        - maxsyslogins - max number of logins on the system
#        - priority - the priority to run user process with
#        - locks - max number of file locks the user can hold
#        - sigpending - max number of pending signals
#        - msgqueue - max memory used by POSIX message queues (bytes)
#        - nice - max nice priority allowed to raise to values: [-20, 19]
#        - rtprio - max realtime priority
#
#<domain>      <type>  <item>         <value>
#

#*               soft    core            0
#*               hard    rss             10000
#@student        hard    nproc           20
#@faculty        soft    nproc           20
#@faculty        hard    nproc           50
#ftp             hard    nproc           0
#@student        -       maxlogins       4


#*      hard    nofile   unlimited
#*      hard    nproc    4096

mqm    soft    nofile   unlimited
mqm    hard    nproc    4096

# End of file
[root@WEST5 security]#

Open in new window


Obviously the following lines were my modifications:

#*      hard    nofile   unlimited
#*      hard    nproc    4096

mqm    soft    nofile   unlimited
mqm    hard    nproc    4096

Open in new window

0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35449788
Please change to
mqm    soft     nofile   10000
mqm    hard    nofile   unlimited
mqm    hard    nproc    4096

Then logout and login again for mqm.
0
 

Author Comment

by:Los Angeles1
ID: 35450126
After the change the OS could not open the mqm session

[root@WEST5 ~]# cd /etc
[root@WEST5 etc]# cd security
[root@WEST5 security]# cat limits.conf
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
#
#<domain>        <type>  <item>  <value>
#
#Where:
#<domain> can be:
#        - an user name
#        - a group name, with @group syntax
#        - the wildcard *, for default entry
#        - the wildcard %, can be also used with %group syntax,
#                 for maxlogin limit
#
#<type> can have the two values:
#        - "soft" for enforcing the soft limits
#        - "hard" for enforcing hard limits
#
#<item> can be one of the following:
#        - core - limits the core file size (KB)
#        - data - max data size (KB)
#        - fsize - maximum filesize (KB)
#        - memlock - max locked-in-memory address space (KB)
#        - nofile - max number of open files
#        - rss - max resident set size (KB)
#        - stack - max stack size (KB)
#        - cpu - max CPU time (MIN)
#        - nproc - max number of processes
#        - as - address space limit (KB)
#        - maxlogins - max number of logins for this user
#        - maxsyslogins - max number of logins on the system
#        - priority - the priority to run user process with
#        - locks - max number of file locks the user can hold
#        - sigpending - max number of pending signals
#        - msgqueue - max memory used by POSIX message queues (bytes)
#        - nice - max nice priority allowed to raise to values: [-20, 19]
#        - rtprio - max realtime priority
#
#<domain>      <type>  <item>         <value>
#

#*               soft    core            0
#*               hard    rss             10000
#@student        hard    nproc           20
#@faculty        soft    nproc           20
#@faculty        hard    nproc           50
#ftp             hard    nproc           0
#@student        -       maxlogins       4

mqm    soft     nofile   10000
mqm    hard     nofile   unlimited
mqm    hard     nproc    4096

# End of file
[root@WEST5 security]#
[root@WEST5 security]# su mqm
could not open session
[root@WEST5 security]# su - mqm
could not open session
[root@WEST5 security]#

Open in new window





[root@WEST5 security]# ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
[root@WEST5 security]#
[root@WEST5 security]# ulimit -Ha
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) unlimited
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1161386
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Open in new window

0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35450282
From your original post:
> $ cat /proc/sys/fs/file-max
> 14466720
This is the system wide setting (limit).
So the hard ulimit can not go beyond that.
You can increase it by (permanently) by edit /etc/sysctl.conf
------------
fs.file-max = 28866720
-----------
Then as root, run
# sysctl -p

Then in /etc/security/limits.conf
------
mqm    hard    nofile   28866720   # less or equal than fs.file-max value
-------

Also change ~mqm/.bashrc
---
ulimit -Hn 28866720   # less or equal than fs.file-max value
--
0
 

Author Comment

by:Los Angeles1
ID: 35450718
On one putty session I performed the folowing:

login as: root
root@10.14.7.17's password:
Last login: Fri Apr 22 16:47:37 2011 from 10.14.100.2
[root@WEST5 ~]#
[root@WEST5 ~]# cd /etc
[root@WEST5 etc]# sysctl -p sysctl.conf
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
error: "net.bridge.bridge-nf-call-iptables" is an unknown key
error: "net.bridge.bridge-nf-call-arptables" is an unknown key
kernel.msgmni = 1024
kernel.shmmni = 4096
kernel.shmall = 2097152
kernel.sem = 500 256000 250 1024
fs.file-max = 32768
net.ipv4.tcp_keepalive_time = 300
fs.file-max = 28866720
[root@WEST5 etc]#
[root@WEST5 etc]#
[root@WEST5 etc]# cd security
[root@WEST5 security]# cat limits.conf
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
#
#<domain>        <type>  <item>  <value>
#
#Where:
#<domain> can be:
#        - an user name
#        - a group name, with @group syntax
#        - the wildcard *, for default entry
#        - the wildcard %, can be also used with %group syntax,
#                 for maxlogin limit
#
#<type> can have the two values:
#        - "soft" for enforcing the soft limits
#        - "hard" for enforcing hard limits
#
#<item> can be one of the following:
#        - core - limits the core file size (KB)
#        - data - max data size (KB)
#        - fsize - maximum filesize (KB)
#        - memlock - max locked-in-memory address space (KB)
#        - nofile - max number of open files
#        - rss - max resident set size (KB)
#        - stack - max stack size (KB)
#        - cpu - max CPU time (MIN)
#        - nproc - max number of processes
#        - as - address space limit (KB)
#        - maxlogins - max number of logins for this user
#        - maxsyslogins - max number of logins on the system
#        - priority - the priority to run user process with
#        - locks - max number of file locks the user can hold
#        - sigpending - max number of pending signals
#        - msgqueue - max memory used by POSIX message queues (bytes)
#        - nice - max nice priority allowed to raise to values: [-20, 19]
#        - rtprio - max realtime priority
#
#<domain>      <type>  <item>         <value>
#

#*               soft    core            0
#*               hard    rss             10000
#@student        hard    nproc           20
#@faculty        soft    nproc           20
#@faculty        hard    nproc           50
#ftp             hard    nproc           0
#@student        -       maxlogins       4


mqm    soft     nofile   28866720
mqm    hard    nproc    4096


# End of file

Open in new window



Then I close the putty session and perform the following:

login as: root
root@10.14.7.17's password:
Last login: Fri Apr 22 17:34:46 2011 from 10.14.100.2
[root@WEST5 ~]#
[root@WEST5 ~]#
[root@WEST5 ~]# ulimit -Ha
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) unlimited
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1161386
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
[root@WEST5 ~]# ulimit -Hn 28866720
-bash: ulimit: open files: cannot modify limit: Operation not permitted

Open in new window



It does not seem to change the value of the open files
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 35450765
1. The output of "sysctl -p"
> fs.file-max = 32768
> net.ipv4.tcp_keepalive_time = 300
> fs.file-max = 28866720

It looks like you set fs.file-max twice. Please take out "fs.file-max = 32768" and do "sysctl -p" again.
The first one "fs.file-max = 32768" is the cause that ulimit -Hn failed for mqm before.

2.
> [root@WEST5 ~]# ulimit -Ha
You did not set ulimit for root.
Please do
su - mqm
and see the "ulimit -Ha"
0
 

Author Comment

by:Los Angeles1
ID: 35450807
In one putty session I perform the following:

login as: root
root@10.14.7.17's password:
Last login: Fri Apr 22 17:55:11 2011 from 10.14.100.2
[root@WEST5 ~]#
[root@WEST5 ~]# cd /etc
[root@WEST5 etc]# sysctl -p sysctl.conf
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
error: "net.bridge.bridge-nf-call-iptables" is an unknown key
error: "net.bridge.bridge-nf-call-arptables" is an unknown key
kernel.msgmni = 1024
kernel.shmmni = 4096
kernel.shmall = 2097152
kernel.sem = 500 256000 250 1024
net.ipv4.tcp_keepalive_time = 300
fs.file-max = 28866720
[root@WEST5 etc]#
[root@WEST5 etc]#
[root@WEST5 etc]# cd security
[root@WEST5 security]# cat limits.conf
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
#
#<domain>        <type>  <item>  <value>
#
#Where:
#<domain> can be:
#        - an user name
#        - a group name, with @group syntax
#        - the wildcard *, for default entry
#        - the wildcard %, can be also used with %group syntax,
#                 for maxlogin limit
#
#<type> can have the two values:
#        - "soft" for enforcing the soft limits
#        - "hard" for enforcing hard limits
#
#<item> can be one of the following:
#        - core - limits the core file size (KB)
#        - data - max data size (KB)
#        - fsize - maximum filesize (KB)
#        - memlock - max locked-in-memory address space (KB)
#        - nofile - max number of open files
#        - rss - max resident set size (KB)
#        - stack - max stack size (KB)
#        - cpu - max CPU time (MIN)
#        - nproc - max number of processes
#        - as - address space limit (KB)
#        - maxlogins - max number of logins for this user
#        - maxsyslogins - max number of logins on the system
#        - priority - the priority to run user process with
#        - locks - max number of file locks the user can hold
#        - sigpending - max number of pending signals
#        - msgqueue - max memory used by POSIX message queues (bytes)
#        - nice - max nice priority allowed to raise to values: [-20, 19]
#        - rtprio - max realtime priority
#
#<domain>      <type>  <item>         <value>
#

#*               soft    core            0
#*               hard    rss             10000
#@student        hard    nproc           20
#@faculty        soft    nproc           20
#@faculty        hard    nproc           50
#ftp             hard    nproc           0
#@student        -       maxlogins       4


mqm    soft     nofile   28866720
mqm    hard    nproc    4096


# End of file
[root@WEST5 security]#


IN another putty session:

login as: root
root@10.14.7.17's password:
Last login: Fri Apr 22 17:55:59 2011 from 10.14.100.2
[root@WEST5 ~]#
[root@WEST5 ~]#
[root@WEST5 ~]# su mqm

MQSI 7.0.0.2
/opt/ibm/mqsi/7.0

bash-4.1$ ulimit -Hn 28866720
bash: ulimit: open files: cannot modify limit: Operation not permitted
bash-4.1$
0
 

Author Comment

by:Los Angeles1
ID: 35450813
In one putty session I perform the following:

login as: root
root@10.14.7.17's password:
Last login: Fri Apr 22 17:55:11 2011 from 10.14.100.2
[root@WEST5 ~]#
[root@WEST5 ~]# cd /etc
[root@WEST5 etc]# sysctl -p sysctl.conf
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
error: "net.bridge.bridge-nf-call-iptables" is an unknown key
error: "net.bridge.bridge-nf-call-arptables" is an unknown key
kernel.msgmni = 1024
kernel.shmmni = 4096
kernel.shmall = 2097152
kernel.sem = 500 256000 250 1024
net.ipv4.tcp_keepalive_time = 300
fs.file-max = 28866720
[root@WEST5 etc]#
[root@WEST5 etc]#
[root@WEST5 etc]# cd security
[root@WEST5 security]# cat limits.conf
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
#
#<domain>        <type>  <item>  <value>
#
#Where:
#<domain> can be:
#        - an user name
#        - a group name, with @group syntax
#        - the wildcard *, for default entry
#        - the wildcard %, can be also used with %group syntax,
#                 for maxlogin limit
#
#<type> can have the two values:
#        - "soft" for enforcing the soft limits
#        - "hard" for enforcing hard limits
#
#<item> can be one of the following:
#        - core - limits the core file size (KB)
#        - data - max data size (KB)
#        - fsize - maximum filesize (KB)
#        - memlock - max locked-in-memory address space (KB)
#        - nofile - max number of open files
#        - rss - max resident set size (KB)
#        - stack - max stack size (KB)
#        - cpu - max CPU time (MIN)
#        - nproc - max number of processes
#        - as - address space limit (KB)
#        - maxlogins - max number of logins for this user
#        - maxsyslogins - max number of logins on the system
#        - priority - the priority to run user process with
#        - locks - max number of file locks the user can hold
#        - sigpending - max number of pending signals
#        - msgqueue - max memory used by POSIX message queues (bytes)
#        - nice - max nice priority allowed to raise to values: [-20, 19]
#        - rtprio - max realtime priority
#
#<domain>      <type>  <item>         <value>
#

#*               soft    core            0
#*               hard    rss             10000
#@student        hard    nproc           20
#@faculty        soft    nproc           20
#@faculty        hard    nproc           50
#ftp             hard    nproc           0
#@student        -       maxlogins       4


mqm    soft     nofile   28866720
mqm    hard    nproc    4096


# End of file
[root@WEST5 security]#

Open in new window



IN another putty session:

login as: root
root@10.14.7.17's password:
Last login: Fri Apr 22 17:55:59 2011 from 10.14.100.2
[root@WEST5 ~]#
[root@WEST5 ~]#
[root@WEST5 ~]# su mqm

MQSI 7.0.0.2
/opt/ibm/mqsi/7.0

bash-4.1$ ulimit -Hn 28866720
bash: ulimit: open files: cannot modify limit: Operation not permitted
bash-4.1$

Open in new window

0
 
LVL 38

Accepted Solution

by:
wesly_chen earned 2000 total points
ID: 35450884
> ulimit: open files: cannot modify limit: Operation not permitted
In the man page of ulimit,
----------------------
-n     The maximum number of open file descriptors (most systems do  not  allow  this value to be set)
----------------------
So, the user can not set nofile on your system.
Try "soft" limit as mqm
$ ulimit -Sn 28866700

Anyway, the system wide setting for nofile is increased in /etc/sysctl.conf.

what's the "ulimit -Ha" as user mqm now ?
0
 

Author Comment

by:Los Angeles1
ID: 35460354
[root@WEST5 etc]# pwd
/etc
[root@WEST5 etc]# sysctl -p sysctl.conf
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
error: "net.bridge.bridge-nf-call-iptables" is an unknown key
error: "net.bridge.bridge-nf-call-arptables" is an unknown key
kernel.msgmni = 1024
kernel.shmmni = 4096
kernel.shmall = 2097152
kernel.sem = 500 256000 250 1024
net.ipv4.tcp_keepalive_time = 300
fs.file-max = 28866720
[root@WEST5 etc]#
[root@WEST5 etc]#
[root@WEST5 etc]# cat /proc/sys/fs/file-max
28866720
[root@WEST5 etc]#
[root@WEST5 etc]# cat /etc/security/limits.conf
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
#
#<domain>        <type>  <item>  <value>
#
#Where:
#<domain> can be:
#        - an user name
#        - a group name, with @group syntax
#        - the wildcard *, for default entry
#        - the wildcard %, can be also used with %group syntax,
#                 for maxlogin limit
#
#<type> can have the two values:
#        - "soft" for enforcing the soft limits
#        - "hard" for enforcing hard limits
#
#<item> can be one of the following:
#        - core - limits the core file size (KB)
#        - data - max data size (KB)
#        - fsize - maximum filesize (KB)
#        - memlock - max locked-in-memory address space (KB)
#        - nofile - max number of open files
#        - rss - max resident set size (KB)
#        - stack - max stack size (KB)
#        - cpu - max CPU time (MIN)
#        - nproc - max number of processes
#        - as - address space limit (KB)
#        - maxlogins - max number of logins for this user
#        - maxsyslogins - max number of logins on the system
#        - priority - the priority to run user process with
#        - locks - max number of file locks the user can hold
#        - sigpending - max number of pending signals
#        - msgqueue - max memory used by POSIX message queues (bytes)
#        - nice - max nice priority allowed to raise to values: [-20, 19]
#        - rtprio - max realtime priority
#
#<domain>      <type>  <item>         <value>
#

#*               soft    core            0
#*               hard    rss             10000
#@student        hard    nproc           20
#@faculty        soft    nproc           20
#@faculty        hard    nproc           50
#ftp             hard    nproc           0
#@student        -       maxlogins       4


mqm    soft     nofile   28866720
mqm    hard    nproc    4096


# End of file
[root@WEST5 etc]# su - mqm

MQSI 7.0.0.2
/opt/ibm/mqsi/7.0

-bash-4.1$ ulimit -Ha
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) unlimited
cpu time               (seconds, -t) unlimited
max user processes              (-u) 4096
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
-bash-4.1$

Open in new window

0
 

Author Comment

by:Los Angeles1
ID: 35461116
I think I found the problem.

First, I can not go past a certain limit when I set nofiles, (which I was attempting to do)

[root@WEST5 ~]# ulimit -n 1000000
[root@WEST5 ~]# ulimit -n 2000000
-bash: ulimit: open files: cannot modify limit: Operation not permitted
[root@WEST5 ~]#

Open in new window


Second, sysctl does not apparently change the nofiles:

[root@WEST5 ~]# cd /etc
[root@WEST5 etc]# sysctl -p sysctl.conf
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
error: "net.bridge.bridge-nf-call-iptables" is an unknown key
error: "net.bridge.bridge-nf-call-arptables" is an unknown key
kernel.msgmni = 1024
kernel.shmmni = 4096
kernel.shmall = 2097152
kernel.sem = 500 256000 250 1024
net.ipv4.tcp_keepalive_time = 300
fs.file-max = 32768
[root@WEST5 etc]# ulimit -Ha
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) unlimited
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1161386
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Open in new window


What does work is to set ulimit as root, and it trickles down to mqm:

login as: root
root@10.14.7.17's password:
Last login: Mon Apr 25 12:50:18 2011 from 10.14.100.2
[root@WEST5 ~]# cat .bashrc
# .bashrc

# User specific aliases and functions

alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'

# Source global definitions
if [ -f /etc/bashrc ]; then
        . /etc/bashrc
fi

ulimit -n 32768

[root@WEST5 ~]# ulimit -Ha
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 32768
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) unlimited
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1161386
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
[root@WEST5 ~]#
[root@WEST5 ~]#
[root@WEST5 ~]# su mqm

MQSI 7.0.0.2
/opt/ibm/mqsi/7.0

bash-4.1$ ulimit -Ha
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 1161386
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 32768
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) unlimited
cpu time               (seconds, -t) unlimited
max user processes              (-u) 4096
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
bash-4.1$

Open in new window


0
 

Author Closing Comment

by:Los Angeles1
ID: 35461120
Thank you for your help
0
 

Expert Comment

by:JOE-J59
ID: 38755314
This worked to change Max User Processes.

Obtained information from http://nonfunctionaltestingtools.blogspot.com/2012/09/in-one-of-our-new-machines-we-are.html

In /etc/security/limits.d/90-nproc.conf change the soft nproc from 1024 to 15349:
*          soft    nproc     15349

This change is not applied until the user logs out and then logs back in.

$ ulimit -u
15349
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Often times it's very very easy to extend a volume on a Linux instance in AWS, but impossible to shrink it. I wanted to contribute to the experts-exchange community a way of providing a procedure that works on an AWS instance. It can also be used on…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses
Course of the Month16 days, 11 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question