LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Red Hat (http://www.linuxquestions.org/questions/red-hat-31/)
-   -   etc/security/limits.conf - what does it do? (http://www.linuxquestions.org/questions/red-hat-31/etc-security-limits-conf-what-does-it-do-763812/)

Ken_1969 10-22-2009 04:55 PM

etc/security/limits.conf - what does it do?
 
So, now I thought I have my first Linux system up and stable - I am intending to install my company's software on it, and part of the checklist for the linux install includes editing etc/security/limits.conf as follows:
* hard nofile 16384
* soft nofile 4096
* hard memlock 3000000
* soft memlock 3000000
* hard nproc 16000
* soft nproc 16000
* hard stack 512000
* soft stack 512000

However, when I make these changes and reboot I get a bunch of errors
"Nautilus can't be used now, due to an expected error from Bonobo when attempting to register the file manager view server."
"There was a problem registering the panel with the bonobo-activation server. The error code is:3 The panel will now exit."

The Linux desktop does not appear - I just get a completely black screen with a mouse pointer (the pointer does move). But I can't do anything else.

Eventually after rebooting a few times the menu at the top re-appears (although my wallpaper doesn't - still completely black and no icons).

Then I get a different error - "The panel encountered a problem while loading "OAFIID:GNOME_SystemTrayApplet - do you want to delete the applet from your configuration". ClockAppletm, SystemApplet, WorkSpaceSwitcher all throw up similar errors, and I get a "Bug Buddy" window.

At that point I can go to recent documents, edit the file and reboot, and then all is well again.

Obviously the simple answer is don't mess with these settings, but I'm just wondering what the implications are. The application I'm installing obviously suggests them for a reason.

unSpawn 10-22-2009 05:36 PM

Quote:

Originally Posted by Ken_1969 (Post 3729025)
I am intending to install my company's software on it

It could be helpful to be complete about things. Like naming the software might help. Also if for instance the software is a daemon or any commandline application then I'd wonder why you would need a graphical UI in the first place. I mean if you wouldn't need a graphical UI in the first place then you could uninstall Xorg and get rid of the errors that (rather drastic) way. If the software requires a graphical UI then you'd have to find out which components are really required to run a minimal GUI and which limits these processes require (probably trial and error-wise).


Quote:

Originally Posted by Ken_1969 (Post 3729025)
Obviously the simple answer is don't mess with these settings, but I'm just wondering what the implications are. The application I'm installing obviously suggests them for a reason.

Have a look at 'man pam_limits; man limits; man ulimit", then ask?

DrLove73 10-22-2009 05:45 PM

Use <Ctrl>+<Alt>+n key combination where "n" is number from 1 to 12 (11 text terminals/consoles, plus GraphicUserInterface when n = 7 ). Log in as root and I suggest first do "yum install mc" and then use "mc" command (Midnight commander = Norton Commander = Total Commander) to navigate file system.

As for etc/security/limits.conf, I would try using one command at the time to see witch one gives you the problems, and maybe a combination of testing in one terminal (like n = 1) and trying GUI in another terminal with "startx" command.

Also to keep in mind, RHEL has SELinux security enforcer. You can try turning it off to see if that helps.

DrLove73 10-22-2009 05:50 PM

"man pam_limits" and "man limits.conf" are the ones that work on my CentOS 5.3.

when you run "man ...." command, you can scroll up and down with arrow keys and PgUp, PgDown, Home and End. Type "Q" to exit manual application.

unSpawn 10-22-2009 06:19 PM

Quote:

Originally Posted by DrLove73 (Post 3729083)
Also to keep in mind, RHEL has SELinux security enforcer. You can try turning it off to see if that helps.

Please do not do that unless you have specific errors in /var/log/audit/audit.log that can not be solved by applying custom rules.

Sudeep Surya Ghosh 03-14-2010 05:25 PM

hard memlock


All times are GMT -5. The time now is 06:00 PM.