You should probably check the highest voted answer ServerFault SE where are the default ulimit values set? (linux, centos)
.
UPDATE:
As suggested, copy/pasting the information from the other site:
These "default" limits are applied by:
- the Linux kernel at boot time (to the
init
process),
- inheritance, from the parent process' limits (at
fork(2)
time),
- PAM when the user session is opened (can replace kernel/inherited values),
- the process itself (can replace PAM & kernel/inherited values, see
setrlimit(2)
).
Normal users' processes cannot rise hard limits.
The Linux kernel
At boot time, Linux sets default limits to the init
process, which are then inherited by all the other (children) processes. To see this limit: grep process /proc/1/limits
.
For example, the kernel default for maximum number of file descriptors (ulimit -n
) was 1024/1024 (soft, hard), and has been raised to 1024/4096 in Linux 2.6.39.
The default maximum number of processes you're talking about is limited to approximately:
Total RAM in kB / 128
for x86 architectures (at least), but distributions sometimes change default kernel values, so check your kernel source code for kernel/fork.c
, fork_init()
. The "number of processes" limit is called RLIMIT_NPROC there.
PAM
Usually, to ensure user authentification at login, PAM is used along with some modules (see /etc/pam.d/login
).
On Debian, the PAM module responsible for setting limits is here : /lib/security/pam_limits.so
.
This library will read its configuration from limits.conf
and limits.d/*.conf
, but even if those files are empty, pam_limits.so might use hardcoded values that you can check within the source code.
For example, on Debian, the library has been patched so that by default, the maximum number of processes (nproc
) is unlimited, and the maximum number of files (nofile
) is 1024/1024:
case RLIMIT_NOFILE:
pl->limits[i].limit.rlim_cur = 1024;
pl->limits[i].limit.rlim_max = 1024;
So, check your CentOS' PAM module source code (look for RLIMIT_NPROC).
However, please note that many processes will not go through PAM (usually, if they are not launched by a logged in user, like daemons and maybe cron jobs).
Best Answer
All values is correct and have different meanings.
/proc/sys/kernel/pid_max
is maximum value forPID
,ulimit -u
is maximum value fornumber of processes
.From
man 5 proc
:From
man bash
:Note
When a new process is created, it is assigned next number available of kernel processes counter. When it reached
pid_max
, the kernel restart the processes counter to 300. From linux source code,pid.c
file: