How to Set Limits on User Running Processes in Linux

One of the Linux’s beauties is that you can control almost everything about it. This gives a system administrator a great control over his system and better utilization of the system resources.

While some might have never thought about doing this, it is important to know that in Linux you can limit how much resource a single user may use and for how long.

Read Also: How to Increase Number of Open Files Limit in Linux

In this short topic, we will show you how to limit the number of processes started by user and how to check the current limits and modify them.

Before we go any further there are two things we need to point:

  1. You need root access to your system to modify the user limits
  2. You must be extremely careful if you plan to modify these limits

To setup user limits, we will need to edit the following file:

/etc/security/limits.conf

This file is used to apply ulimit created by the pam_module. 

The file has the following syntax:

<domain> <type> <item> <value>

Here we will stop to discuss each of the options:

  • Domain – this includes usernames, groups, guid ranges etc
  • Type – soft and hard limits
  • Item – the item that will be limited – core size, file size,  nproc etc
  • Value – this is the value for the given limit

A good sample for a limit is:

@student          hard           nproc                20

The above line sets a hard limit of maximum 20 processes on the "student" group.

If you want to see the limits of a certain process has you can simply “cat” the limits file like this:

# cat /proc/PID/limits

Where PID is the actual process ID, you can find out process id by using ps command. For more detailed explanation, read our article that says – Find Running Linux Processes and Set Process Limits Per-User Level

So here is an example:

# cat /proc/2497/limits
Sample Output
Limit                     Soft Limit           Hard Limit           Units     
Max cpu time              unlimited            unlimited            seconds   
Max file size             unlimited            unlimited            bytes     
Max data size             unlimited            unlimited            bytes     
Max stack size            8388608              unlimited            bytes     
Max core file size        0                    unlimited            bytes     
Max resident set          unlimited            unlimited            bytes     
Max processes             32042                32042                processes 
Max open files            1024                 4096                 files     
Max locked memory         65536                65536                bytes     
Max address space         unlimited            unlimited            bytes     
Max file locks            unlimited            unlimited            locks     
Max pending signals       32042                32042                signals   
Max msgqueue size         819200               819200               bytes     
Max nice priority         0                    0                    
Max realtime priority     0                    0                    
Max realtime timeout      unlimited            unlimited            us   

All of the lines are pretty much self explanatory. However if you want to find more the settings you can input in limits.conf file, you can have a look at the manual provided here.

If you have any questions or comments, please do not hesitate to submit them in the comment section below.

Tutorial Feedback...
Was this article helpful? If you don't find this article helpful or found some outdated info, issue or a typo, do post your valuable feedback or suggestions in the comments to help improve this article...

If You Appreciate What We Do Here On TecMint, You Should Consider:

TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

Support Us

We are thankful for your never ending support.

7 thoughts on “How to Set Limits on User Running Processes in Linux”

  1. I am able to change the nproc for additional users using /etc/security/limits.conf but some how root users nproc value set is 150. When logged as root and execute ulimit -n I get the value 150.

    How can I change root users nproc value?

    Reply
    • @Deepa,

      The system wide configuration file /etc/security/limits.d/90-nproc.conf (RHEL6) and /etc/security/limits.d/20-nproc.conf (RHEL7) specifies the default nproc limits as:

      *            soft    nproc     1024
      root       soft    nproc     unlimited
      
      Reply
      • Thank you, We are Using RHEL 6. Checked the /etc/limits. d/90-nproc.conf this file has same values as you mentioned. However when I run ulimit – u as root or any other user get value 150.

        In file /etc/security/limits.conf file I commented line * hard nproc 150 which was there before. I logged out restarted httpd still same value is coming. How reset default nproc value for root and other users. Please help

        Reply
  2. Can you actually see what processes are being executed? Share those with so we can have a better understanding of the issue. Also my suggestion is to check the IO utilisation as well

    Reply
  3. Hi Ravi,

    I am facing the issue with oracle user, user complains for slowness in Apache. while slowness issue I am not able to login with oracle users. It is giving error like resources are in use. Every time i have to restart my network services. I have set my oracle user limits in /etc/security/limits.conf as oracle soft nproc 16384
    oracle hard nproc 16384
    oracle soft nofile 4096
    oracle hard nofile 65536
    oracle soft stack 10240.

    Please share if you can help me.

    Reply

Got something to say? Join the discussion.

Have a question or suggestion? Please leave a comment to start the discussion. Please keep in mind that all comments are moderated and your email address will NOT be published.