Environment
Novell Open Enterprise Server
(Linux based)
Novell SUSE Linux Enterprise Server 9
Novell SUSE Linux Enterprise Server 9
Situation
Unable to login as a particular
user
Unable to start an SSH session as a particular user
Unable to "su" as a particular user
All the processes started by the affected user stop working
ERROR: su: cannot set user id: Resource temporarily unavailable
Unable to start an SSH session as a particular user
Unable to "su" as a particular user
All the processes started by the affected user stop working
ERROR: su: cannot set user id: Resource temporarily unavailable
Resolution
The affected user has reached the
maximum number of process specified for him into the file /etc/security/limits.conf
.
These commands, executed as root, can give you the number of process and of open files for the given user:
ps -U username | wc -l
lsof | grep username | wc -l
To fix the issue increase the NPROC Soft limit according to the user and applications needs; please look at the note below about the /etc/security/limits.conf file.
If third party software is involved, please contact the software vendor to advice about the proper limits to use.
These commands, executed as root, can give you the number of process and of open files for the given user:
ps -U username | wc -l
lsof | grep username | wc -l
To fix the issue increase the NPROC Soft limit according to the user and applications needs; please look at the note below about the /etc/security/limits.conf file.
If third party software is involved, please contact the software vendor to advice about the proper limits to use.
Additional Information
Through the contents of the
configuration file /etc/security/limits.conf
resource limits are placed on users' sessions. The user root (and other users with
uid=0) are not affected by this restriction.
Each line of the configuration file describes a limit for a user in the form:
< domain> -
The fields listed above should be filled as follows:
can be:
can have the three
values:
- can be one of the
following:
The first entry of the form which applies to the authenticating user will override all other entries in the limits configuration file.
In general, individual limits have priority over group limits, so if no limits is imposed for a given group, but one of the members in this group have a limits line, the user will have its limits set according to this line.
Please note that all limit settings are set per login. They are not global, nor are they permanent; existing only for the duration of the session.
The following is an example configuration file:
# EXAMPLE /etc/security/limits.conf file:
# =======================================
#-
* soft nproc 2047
* hard nproc 16384
* soft nofile 2048
* hard nofile 65536
Having this file means, for instance, that every user can start a maximum of 2047 processes and can raise this limit up to 16384.
Each line of the configuration file describes a limit for a user in the form:
< domain>
The fields listed above should be filled as follows:
- a username
- a groupname, with @group syntax
- the wild-card *, for default entry
- the wild-card %, for maxlogins limit only, can also be used
with %group syntax
- hard for enforcing hard resource limits. These limits are set by the superuser and enforced by the Linux kernel. The user cannot raise his requirement of system resources above such values;
- soft for enforcing soft resource limits. These limits are ones that the user can adjust within the range permitted by any pre-exisiting hard limits. The values specified with this token can be thought of as default values, for normal system usage;
- - for enforcing
both soft and hard limits together.
- core- limits the core file size (KB)
- data- max data size (KB)
- fsize- maximum filesize (KB)
- memlock- max locked-in-memory address space (KB)
- nofile- max number of open files
- rss- max resident set size (KB)
- stack- max stack size (KB)
- cpu- max CPU time (MIN)
- nproc- max number of processes
- as- address space limit
- maxlogins- max number of logins for this user
- maxsyslogins- max number of logins on system
- priority- the priority to run user process with (negative values boost process priority)
- locks- max locked files
The first entry of the form which applies to the authenticating user will override all other entries in the limits configuration file.
In general, individual limits have priority over group limits, so if no limits is imposed for a given group, but one of the members in this group have a limits line, the user will have its limits set according to this line.
Please note that all limit settings are set per login. They are not global, nor are they permanent; existing only for the duration of the session.
The following is an example configuration file:
# EXAMPLE /etc/security/limits.conf file:
# =======================================
#
* soft nproc 2047
* hard nproc 16384
* soft nofile 2048
* hard nofile 65536
Having this file means, for instance, that every user can start a maximum of 2047 processes and can raise this limit up to 16384.