Linux Proc – How to Determine Max User Process Value

limitlinuxproc

Which value is correct?(or they are all correct, but which one will take effect?)

$ cat /proc/sys/kernel/pid_max 
32768
$ ulimit -a |grep processes
max user processes              (-u) 77301
$ cat /proc/1/limits |grep processes
Max processes             77301                77301                p

Best Answer

All values is correct and have different meanings./proc/sys/kernel/pid_max is maximum value for PID, ulimit -u is maximum value for number of processes.

From man 5 proc:

/proc/sys/kernel/pid_max (since Linux 2.5.34)
              This  file  specifies the value at which PIDs wrap around (i.e.,
              the value in this file is one greater  than  the  maximum  PID).
              The  default  value  for  this  file, 32768, results in the same
              range of PIDs as on earlier kernels.  On 32-bit platforms, 32768
              is  the  maximum  value for pid_max.  On 64-bit systems, pid_max
              can be set to any value up to 2^22 (PID_MAX_LIMIT, approximately
              4 million).

From man bash:

ulimit [-HSTabcdefilmnpqrstuvx [limit]]
              .....
              -u     The maximum number of processes available to a single user
              .....

Note

When a new process is created, it is assigned next number available of kernel processes counter. When it reached pid_max, the kernel restart the processes counter to 300. From linux source code, pid.c file:

....
#define RESERVED_PIDS       300
....
static int alloc_pidmap(struct pid_namespace *pid_ns)                           
{                                                                               
    int i, offset, max_scan, pid, last = pid_ns->last_pid;                      
    struct pidmap *map;                                                         

    pid = last + 1;                                                             
    if (pid >= pid_max)                                                         
        pid = RESERVED_PIDS;

The Linux kernel

At boot time, Linux sets default limits to the init process, which are then inherited by all the other (children) processes. To see this limit: grep process /proc/1/limits.

For example, the kernel default for maximum number of file descriptors (ulimit -n) was 1024/1024 (soft, hard), and has been raised to 1024/4096 in Linux 2.6.39.

The default maximum number of processes you're talking about is limited to approximately:

Total RAM in kB / 128

for x86 architectures (at least), but distributions sometimes change default kernel values, so check your kernel source code for kernel/fork.c, fork_init(). The "number of processes" limit is called RLIMIT_NPROC there.

PAM

Usually, to ensure user authentification at login, PAM is used along with some modules (see /etc/pam.d/login).

On Debian, the PAM module responsible for setting limits is here : /lib/security/pam_limits.so.

This library will read its configuration from limits.conf and limits.d/*.conf, but even if those files are empty, pam_limits.so might use hardcoded values that you can check within the source code.

For example, on Debian, the library has been patched so that by default, the maximum number of processes (nproc) is unlimited, and the maximum number of files (nofile) is 1024/1024:

  case RLIMIT_NOFILE:
      pl->limits[i].limit.rlim_cur = 1024;
      pl->limits[i].limit.rlim_max = 1024;

So, check your CentOS' PAM module source code (look for RLIMIT_NPROC).

However, please note that many processes will not go through PAM (usually, if they are not launched by a logged in user, like daemons and maybe cron jobs).

Best Answer

Related Solutions

Linux – why new pid is smaller than the old ones

Linux – limits that are set in an unmodified environment

The Linux kernel

PAM

Related Question