The ulimit command in Linux is used to limit the amount of system resources that individual users can consume.
Whether it is user intention, or just accidently happens, a single user can eat up all available system resources such as RAM memory or disk space. Depending on the nature of your Linux system, you may want to limit your users to only what they might actually need.
This is an essential tweak commonly done to virtual private servers or other shared hosting situations, where a single server may be rented out to dozens of users. In this tutorial, you’ll learn how to use the ulimit command in Linux through examples. Follow along below to see learn about the various options that you can use with this command.
In this tutorial you will learn:
- How to use the ulimit command on Linux
|Category||Requirements, Conventions or Software Version Used|
|System||Any Linux distro|
|Other||Privileged access to your Linux system as root or via the
|Conventions||# – requires given linux commands to be executed with root privileges either directly as a root user or by use of
$ – requires given linux commands to be executed as a regular non-privileged user
Frequently Used Options
Fork bombs, commands like
yes, and buggy programs can easily utilize tons of system resources in a very short amount of time. This will impact the experience of all others users on the system, just because of one person abusing the system resources (either intentionally or not).
The ulimit command is the solution to this problem. Check out some of the ulimit examples below to see how to limit the consumption of system resources for your users.
ulimit command in Linux Basic Examples
All limits shown below are applied to the current bash shell session only. To make a permanent change to system wide use, you must make changes to the
/etc/security/limits.conf. We will show how to do that in a later section.
- Use the ulimit command with the
-aoption to see a list of all your user’s limits on the system, or just ulimit by itself to see a quick summary.
$ ulimit -a
- To limit the max number of processes that a user can spawn, use the
-uoption. This command will limit them to 10 processes. This will take care of things like fork bombs.
$ ulimit -u 10
If we try to exceed this limit, we’ll encounter an error:
bash: fork: retry: Resource temporarily unavailable
-foption allows us to limit the size of a file that a user can make. This command will limit a user to files of 100 KB or less.
$ ulimit -f 100
And here’s what happens if we now try to exceed the limit.
$ cat /dev/zero > file File size limit exceeded (core dumped) $ ls -lh file -rw-rw-r--. 1 linuxconfig linuxconfig 100K Feb 21 18:27 file
- With ulimit it is also possible to limit the maximum amount of virtual memory available to a process. Use the
-voption to accomplish this.
$ ulimit -v 1000
- To limit the number of files a user can have opened at once (file descriptors), use the
$ ulimit -n 10
When this limit is exceeded, you’ll receive an error like this:
bash: command: Too many open files
By now, you should be getting the idea that you can use any of the options to make new kinds of limits. Use
ulimit --help or just
ulimit -a to see the types of limits you can impose, and their corresponding command options.
You can always use the man command to read more about the ulimit command and its official documentation. Click the previous link to see how to open the manual pages for any command on a Linux system.
Up until now, we have been imposing “soft” limits with the ulimit command. These are limits that are created by the users themselves, and they can go as high as the “hard” limit allows them. To create a “hard” limit, we will edit the
ulimit command in Linux Advanced Examples
- Use root permissions to open the
/etc/security/limits.conffile. We will use nano in this example, but you may use a different text editor if you prefer.
$ sudo nano /etc/security/limits.conf
- At the bottom of this file, we will impose some hard limits on our users, which are enforced system wide. The general syntax goes like this:
[domain] [type] [item] [value]
[domain]can be a user name, group name, or wild card.
[type]can either be “soft” or “hard” depending on which kind of limit you’d like to enforce.
[item]is what you’d like to limit, for example “cpu” or “nproc” (number of processes), etc.
[value]is the number you’d like to enforce.
All of this info is summarized in the file itself, in case you forget.
- As an example, let’s try putting a limit on the number of processes that users in the “corporate” group can spawn. Adding this line to the file would only allow the users in the group to spawn a maximum of 10 processes.
@corporate hard nproc 20
- For another example, let’s limit the amount of file size user “linuxconfig” can utilize. This will limit the user to 10 MB. We must write the number as 10000 since it needs to be in kilobytes.
linuxconfig hard fsize 10000
Use any of the limit types described in the
/etc/security/limits.conf file to put limits on users, groups, or everyone on the entire system.
In this tutorial, we learned all about the ulimit command on Linux. The ulimit command is essential for systems that have multiple users, in order to ensure that everyone is playing fairly and only using their share of the system resources.
When you need your limits to persist, you can edit the ulimit configuration file as seen above, to impose system limits on users, groups, or every account on the system.