Bug 157294 - Setting nproc variable in /etc/security/limits.conf has no effect
Summary: Setting nproc variable in /etc/security/limits.conf has no effect
Keywords:
Status: CLOSED DUPLICATE of bug 116133
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: pam
Version: 3.0
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Jay Turner
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-05-10 10:11 UTC by Matteo Vescovi
Modified: 2015-01-08 00:09 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-05-11 12:29:22 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Matteo Vescovi 2005-05-10 10:11:35 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050406 Firefox/1.0.2 (Debian package 1.0.2-3)

Description of problem:
I edited the /etc/security/limits.conf file to change the hard limit and the soft limit of the nproc variable.
I added the lines:

*               soft    nproc           32000
*               hard    nproc           32000

and rebooted my box.
Issuing the command:

[me@box]$ ulimit -n 32000

generates the error message:

bash: ulimit: max user processes: cannot modify limit: Operation not permitted



Version-Release number of selected component (if applicable):
pam-0.75-62

How reproducible:
Always

Steps to Reproduce:
1.Edit /etc/security/limits.conf, adding or modifying the nproc lines so that they look like:

*               soft    nproc           32000
*               hard    nproc           32000

2.Issue the command `ulimit -n 32000' as a normal user

  

Actual Results:  bash: ulimit: max user processes: cannot modify limit: Operation not permitted

Expected Results:  No error message should have been generated and the nproc limit should have been raised to 32000.

Additional info:

I changed the file-max variable by adding the line
fs.file-max = 32768
to /etc/sysctl.conf, but that also seems to have no effect.

Am I missing something here?

Can the nproc hard limit be set to unlimited, or is the maximum value 32000 (as stated in the Knowledge Base Article ID: 5060 ?
Comment 1 Tomas Mraz 2005-05-10 11:08:38 UTC 
This is confusing - you're mixing number of processes setting (nproc limit) and
maximum open files limit (nofile limit). I've set the limits as you wrote and
cannot reproduce the problem.
Comment 2 Matteo Vescovi 2005-05-10 15:28:58 UTC 
My apologies.
Yes, the command should be `ulimit -u', not `ulimit -n'.

Step 2 should read:
Issue the command `ulimit -u 32000' as a normal user

Again, please pardon my oversight.

The problem still persists.
Comment 3 Tomas Mraz 2005-05-10 15:46:27 UTC 
What 'ulimit -H -u' gives you in this situation?
Comment 4 Matteo Vescovi 2005-05-10 15:55:49 UTC 
`ulimit -H -u' gives me 7168.

Same goes for `ulimit -S -u'
Comment 5 Tomas Mraz 2005-05-10 18:03:31 UTC 
No surprise that it doesn't allow you ulimit -u 32000. How are you actually
accessing the machine? If by ssh then the reason is that the limits from
limits.conf aren't applied correctly by sshd if privilege separation is enabled.
This should be resolved by the next update release. You can try to disable
privilege separation in sshd meanwhile.
Comment 6 Matteo Vescovi 2005-05-11 12:27:58 UTC 
The problem lies in the sshd privilege separation mechanism.

When logging in directly at the console (instead of logging in remotely with
ssh), the limits are correctly applied.
Comment 7 Matteo Vescovi 2005-05-11 12:29:22 UTC 

*** This bug has been marked as a duplicate of 116133 ***
Note You need to log in before you can comment on or make changes to this bug.