[systemd-devel] The question about process limits in systemd
Mantas Mikulėnas
grawity at gmail.com
Wed Feb 28 06:11:16 UTC 2018
On Wed, Feb 28, 2018 at 3:30 AM, Firxiao zhang <firxiaowork at gmail.com>
wrote:
> Hi All.
> I am confusing the relationship between "systemd" and
> "/etc/security/limits.conf".
> so far, I am migrating a service(init.d) script(centos6) to systemd
> unit(centos7).
> on centos6, I defined the user limits in "/etc/security/limits.conf". and
> it worked well.
> after I done the same thing on centos7. I found the limits was not taking
> effect. so I googled this problem. it said I need define the limits in
> systemd unit file. like: LimitNOFILE=xxx.
> Here are my questions:
> 1. are the systemd limits and the system security limits individual?
>
They are completely separate. /etc/security/limits.conf is *only* read by
PAM (pam_limits.so), which basically means user login sessions (getty, ssh,
xdm...)
(Although it's possible for systemd to call PAM when starting a service, it
needs careful configuration and you shouldn't do it by default.)
> 2. if not. is there a way to make systemd read the system security limits
> as default?
>
No. Limits for a service should be in its .service file.
--
Mantas Mikulėnas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20180228/55429ff5/attachment.html>
More information about the systemd-devel
mailing list