linux 学习の ulimit and sysctl
来源:互联网 发布:usb网络共享打不开 编辑:程序博客网 时间:2024/05/19 06:14
http://www.linuxhowtos.org/Tips%20and%20Tricks/ulimit.htm 写道
ulimit and sysctl
The ulimit and sysctl programs allow to limit system-wide resource use. This can help a lot in system administration, e.g. when a user starts too many processes and therefore makes the system unresponsive for other users.
Code Listing 1: ulimit example
# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
file size (blocks, -f) unlimited
pending signals (-i) 8191
max locked memory (kbytes, -l) 32
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 8191
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
All these settings can be manipulated. A good example is this bash forkbomb that forks as many processes as possible and can crash systems where no user limits are set:
Warning: Do not run this in a shell! If no limits are set your system will either become unresponsive or might even crash.
Code Listing 2: A bash forkbomb
$ :(){ :|:& };:
Now this is not good - any user with shell access to your box could take it down. But if that user can only start 30 processes the damage will be minimal. So let's set a process limit:
Gentoo Note: A too small number of processes can break the use of portage. So, don't be too strict.
Code Listing 3: Setting a process limit
# ulimit -u 30
# ulimit -a
…
max user processes (-u) 30
…
If you try to run the forkbomb now it should run, but throw error messages "fork: resource temporarily unavailable". This means that your system has not allowed the forkbomb to start more processes. The other options of ulimit can help with similar problems, but you should be careful that you don't lock yourself out - setting data seg size too small will even prevent bash from starting!
sysctl is a similar tool: It allows to configure kernel parameters at runtime. If you wish to keep settings persistent across reboots you should edit /etc/sysctl.conf - be aware that wrong settings may break things in unforeseen ways.
Code Listing 4: Exploring sysctl variables
# sysctl -a
…
vm.swappiness = 60
…
The list of variables is quite long (367 lines on my system), but I picked out vm.swappiness here. It controls how aggressive swapping will be, the higher it is (with a maximum of 100) the more swap will be used. This can affect performance a lot on systems with little memory, depending on load and other factors.
Code Listing 5: Reducing swappiness
# sysctl vm.swappiness=0
vm.swappiness = 0
The effects of changing this setting are usually not felt instantly. But you can change many settings, especially network-related, this way. For servers this can offer a nice performance boost, but as with ulimit careless usage might cause your system to misbehave or slow down. If you don't know what a variable controls, you should not modify it!
The ulimit and sysctl programs allow to limit system-wide resource use. This can help a lot in system administration, e.g. when a user starts too many processes and therefore makes the system unresponsive for other users.
Code Listing 1: ulimit example
# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
file size (blocks, -f) unlimited
pending signals (-i) 8191
max locked memory (kbytes, -l) 32
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 8191
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
All these settings can be manipulated. A good example is this bash forkbomb that forks as many processes as possible and can crash systems where no user limits are set:
Warning: Do not run this in a shell! If no limits are set your system will either become unresponsive or might even crash.
Code Listing 2: A bash forkbomb
$ :(){ :|:& };:
Now this is not good - any user with shell access to your box could take it down. But if that user can only start 30 processes the damage will be minimal. So let's set a process limit:
Gentoo Note: A too small number of processes can break the use of portage. So, don't be too strict.
Code Listing 3: Setting a process limit
# ulimit -u 30
# ulimit -a
…
max user processes (-u) 30
…
If you try to run the forkbomb now it should run, but throw error messages "fork: resource temporarily unavailable". This means that your system has not allowed the forkbomb to start more processes. The other options of ulimit can help with similar problems, but you should be careful that you don't lock yourself out - setting data seg size too small will even prevent bash from starting!
sysctl is a similar tool: It allows to configure kernel parameters at runtime. If you wish to keep settings persistent across reboots you should edit /etc/sysctl.conf - be aware that wrong settings may break things in unforeseen ways.
Code Listing 4: Exploring sysctl variables
# sysctl -a
…
vm.swappiness = 60
…
The list of variables is quite long (367 lines on my system), but I picked out vm.swappiness here. It controls how aggressive swapping will be, the higher it is (with a maximum of 100) the more swap will be used. This can affect performance a lot on systems with little memory, depending on load and other factors.
Code Listing 5: Reducing swappiness
# sysctl vm.swappiness=0
vm.swappiness = 0
The effects of changing this setting are usually not felt instantly. But you can change many settings, especially network-related, this way. For servers this can offer a nice performance boost, but as with ulimit careless usage might cause your system to misbehave or slow down. If you don't know what a variable controls, you should not modify it!
0 0
- linux 学习の ulimit and sysctl
- linux sysctl学习
- linux学习笔记--sysctl命令
- LINUX---sysctl
- articles about network queue and linux sysctl parameters
- linux ulimit
- linux ulimit
- LINUX ulimit
- linux ulimit
- linux ulimit
- linux ulimit
- linux每日学习-系统-sysctl(2016.3.11)
- mac中修改系统限制量--ulimit和sysctl
- linux系统资源管理sysctl(sysctl.conf)
- Linux上的sysctl
- Linux上的sysctl
- sysctl优化linux网络
- sysctl优化linux网络
- Qt之布局管理——停靠窗口
- 坑爹的HTML5应用集锦
- java框架学习 dubbo
- unity动画制作及与3d max结合
- Awesome python code style [List]
- linux 学习の ulimit and sysctl
- locale的详细解释
- php 调试相关
- 二级C语言复习(2)
- CentOS 7 systemd添加自定义系统服务
- 2012春节买票须知 FIREFOX 买票指南 3分钟完成支付
- CSS3和Canvas动画
- 玩转【斗鱼直播APP】系列之框架搭建
- Mysql出现Field * doesn't have a default value解决办法