15

I can't seem to increase the nofile limit for non-root users on Ubuntu 14.04, despite following every StackExchange answer related to this problem. So far I have:

$ cat /etc/security/limits.d/custom.conf
@www-data hard nofile 50000
@www-data soft nofile 50000
# even tried specifying the username directly:
myuser hard nofile 50000
myuser soft nofile 50000

$ grep 'limits' /etc/pam.d/common-session*
/etc/pam.d/common-session:session required        pam_limits.so
/etc/pam.d/common-session-noninteractive:session required        pam_limits.so

$ cat /proc/sys/fs/file-max
101232

Rebooted, logged in, and:

$ ulimit -n 4097
-bash: ulimit: open files: cannot modify limit: Operation not permitted

There still somehow seems to be a limit of 4096 max for non-root users.

kenorb
  • 9,995
  • 2
  • 78
  • 90
Caffeine Coma
  • 461
  • 2
  • 4
  • 11

3 Answers3

13

Using Ubuntu 14.04 I got the described hard limit: 

user@notebook:~$ ulimit -Hn 4096

I could lower it using ulimit, but not increase it, just as the question describes it. As ulimit's manual describes:

only root can increase the hard limit

So I tried to set a higher limit in /etc/security/limits.conf like this: 

user hard nofile 9999

and a fresh login like ssh localhost -l user gave me the new limit: 

user@notebook:~$ ulimit -Hn 9999

Hope this works for you, too.

kenorb
  • 9,995
  • 2
  • 78
  • 90
TomTomTom
  • 473
  • 2
  • 9
  • Thanks TomTomTom. I already have such a change in /etc/security/limits.d/custom.conf. I did try putting it directly into /etc/security/limits.conf as you suggested, and I still get "bash: ulimit: open files: cannot modify limit: Operation not permitted". – Caffeine Coma Mar 11 '15 at 14:08
  • I - just guess - one of two reasons, why it doesn't work for you: – TomTomTom Mar 12 '15 at 20:52
  • 1
    Took me too long to edit the incomplete comment. Here we go: I - just guess - one of two reasons, why this doesn't work for you: 1. `/etc/security/limits*` doesn't get read by your login mechanism - for yet unknown reason. 2. Your hard limit gets set to 4096 elsewhere, and "only root can increase ...". You might check your profiles like `.bashrc` (depending on your shell), or you might check `/etc` for other places, where limits might be set, like `find /etc | grep -e ulimit -e 4096 -e nofile`. BTW: did you try ssh? And: have you changed `/etc/ssh/sshd.conf` to avoid PAM for some reason? – TomTomTom Mar 12 '15 at 21:04
  • Yes- all login is via ssh. I have disabled UsePAM- several guides recommend this as part of allowing only ssh-key based logins. I'll try turning it on temporarily, just to see if that's the problem. Thanks! – Caffeine Coma Mar 13 '15 at 13:59
  • Afaik, PAM is what should read `/etc/security/limits*` - you might try to enable PAM just to check for this. I'll try disabling PAM to see, what difference it makes and will report the results. --- Yes! that's it! With PAM disabled my limit is 4096, too, altough set to 9999 in `/etc/security/limits.conf`. – TomTomTom Mar 13 '15 at 17:46
  • Nice sleuthing @TomTomTom. Kind of frustrating that PAM is needed to set a ulimit though. – Caffeine Coma Mar 14 '15 at 13:29
  • This worked for me without messing with PAM (IDK what that is anyway). After you edit `limits.conf`, do `ulimit -n 9999` in the shell you want to increase the limit for. Check it with `ulimit -a`. – sudo May 23 '16 at 19:21
4

This article, I think addresses your issue.

Basically you should use ulimit command to increase the available resources.

For example:

Use the following command command to display maximum number of open file descriptors:

cat /proc/sys/fs/file-max

To see the hard and soft values, issue the command as follows:

# ulimit -Hn
# ulimit -Sn

To see the hard and soft values for httpd or oracle user, issue the command as follows:

# su - username

To fix the number of maximum files, you can increase the maximum number of open files by setting a new value in kernel variable /proc/sys/fs/file-max as follows (login as the root):

# sysctl -w fs.file-max=100000

Above command forces the limit to 100000 files. You need to edit /etc/sysctl.conf file and put following line so that after reboot the setting will remain as it is. To do that, append a config directive as follows:

fs.file-max = 100000

Save and close the file. Users need to log out and log back in again to changes take effect or just type the following command:

# sysctl -p

Verify your settings with command:

# cat /proc/sys/fs/file-max

or:

# sysctl fs.file-max

The above procedure sets system-wide file descriptors (FD) limits, however you can limit httpd (or any other users) user to specific limits by editing /etc/security/limits.conf file by editing /etc/security/limits.conf and set the limits as follows:

httpd soft nofile 4096
httpd hard nofile 10240

Then check them by:

# su - httpd
$ ulimit -Hn
$ ulimit -Sn

If you've got the problem on other Linux distributions, check the /etc/pam.d/login and make sure you've got pam_limits.so enabled, e.g.

session required pam_limits.so
kenorb
  • 9,995
  • 2
  • 78
  • 90
Brooke Fogg-Wolfe
  • 108
  • 9
  • 2
    Hi Brooke. Unfortunately, I have already tried the suggestions from that article. Though the 'ulimit -Hn' was new to me; it prints 4096, the limit I keep bumping into. – Caffeine Coma Mar 09 '15 at 19:43
1

If it is a Service, you can try to set the limit in /etc/systemd/system/{ServiceName}.service add LimitNOFILE=65536

Maicon Santana
  • 121
  • 2