Summary of linux Resource limit levels

Summary of linux Resource limit levels

Linux resource restrictions can be divided into system-level and kernel-level:

First: system-level restrictions:

/Etc/security/limits. conf

The limits. conf format is as follows:
Username "@ groupname type resource limit
Username | @ groupname: Set the user name to be restricted. The group name is preceded by @ and the user name. You can also use wildcard * to restrict all users.
Type: soft, hard, and-. soft indicates the setting value that takes effect for the current system. Hard indicates the maximum value that can be set in the system. Soft cannot be more restrictive than hard. -Indicates that both soft and hard values are set.
Resource:
Core-restrict the size of kernel files
Date-maximum data size
Fsize-Maximum File Size
Memlock-maximum memory address space locked
Nofile-Maximum number of opened files
Rss-maximum persistent setting size
Stack-maximum stack size
Cpu-maximum CPU time in minutes
Noproc-Maximum number of processes
As-address space limit
Maxlogins-Maximum number of logins allowed by this user

To make the limits. conf file take effect, make sure that the pam_limits.so file is added to the Startup File.
View the/etc/pam. d/login file: (add if no)
Session required/lib/security/pam_limits.so
Note:
A lot of people have set limitc. conf and the test does not take effect. Most of the reasons are:
32-bit system session required/lib/security/pam_limits.so
64-bit system session required/lib64/security/pam_limits.so

Second, restrictions on the application software level:

This is common. For example, Nginx is better in this area.

Third: kernel-level restrictions:

This is a lot of information.