Useful hint: limits.conf and root

To: debian-user@lists.debian.org
Subject: Useful hint: limits.conf and root
From: Sven Hartge <sven@svenhartge.de>
Date: Tue, 17 Feb 2015 17:00:10 +0100
Message-id: <[🔎] 8bd2d2670tv8@mids.svenhartge.de>

Hi!

Just a little public service announcement, because I just lost 2 hours
if my life figuring out how to apply new limits to processes started by
the root user without using a manual call to "ulimit" every time:

If you edit /etc/security/limits.conf to, for example, increase the
maximum number of files a process may open, you would normally do it
like this:

,----[ /etc/security/limits.conf
| *               soft    nofile          4096
| *               hard    nofile          4096
`----

But beware this little comment at the top of the file:

,----[ /etc/security/limits.conf
| #        - NOTE: group and wildcard limits are not applied to root.
| #          To apply a limit to the root user, <domain> must be
| #          the literal username root.
`----

I didn't read that (because I am a veteran sysadmin with nearly 20 years
of Unix experience, I don't need to read any stinking comments or
documentation ...) and was very very astounded when my new limits did
not apply when relogging into root.

To make this work, you need entries like this:

,----[ /etc/security/limits.conf
| root            soft    nofile          4096
| root            hard    nofile          4096
`----

And lo and behold, it works. Judging by my searches on Google to solve
that problem, I am not the only one missing that crucial difference in
the scope of the '*'-domain.

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.

Reply to:

Prev by Date: Re: how to remove libsystemd0 from a live-running debian desktop system
Next by Date: Re: how to remove libsystemd0 from a live-running debian desktop system
Previous by thread: Re: fakeroot to build a package?
Next by thread: Re: Upgrade wheezy->jessie: Network interface: eth0 (atl1c) shows excessive power consumption
Index(es):
- Date
- Thread