1 .\" Copyright (c) 1992 Drew Eckhardt, March 28, 1992
2 .\" and Copyright (c) 2002, 2004, 2005, 2008, 2010 Michael Kerrisk
4 .\" %%%LICENSE_START(VERBATIM)
5 .\" Permission is granted to make and distribute verbatim copies of this
6 .\" manual provided the copyright notice and this permission notice are
7 .\" preserved on all copies.
9 .\" Permission is granted to copy and distribute modified versions of this
10 .\" manual under the conditions for verbatim copying, provided that the
11 .\" entire resulting derived work is distributed under the terms of a
12 .\" permission notice identical to this one.
14 .\" Since the Linux kernel and libraries are constantly changing, this
15 .\" manual page may be incorrect or out-of-date. The author(s) assume no
16 .\" responsibility for errors or omissions, or for damages resulting from
17 .\" the use of the information contained herein. The author(s) may not
18 .\" have taken the same level of care in the production of this manual,
19 .\" which is licensed free of charge, as they might when working
22 .\" Formatted or processed versions of this manual, if unaccompanied by
23 .\" the source, must acknowledge the copyright and authors of this work.
26 .\" Modified by Michael Haardt <michael@moria.de>
27 .\" Modified 1993-07-23 by Rik Faith <faith@cs.unc.edu>
28 .\" Modified 1996-01-13 by Arnt Gulbrandsen <agulbra@troll.no>
29 .\" Modified 1996-01-22 by aeb, following a remark by
30 .\" Tigran Aivazian <tigran@sco.com>
31 .\" Modified 1996-04-14 by aeb, following a remark by
32 .\" Robert Bihlmeyer <robbe@orcus.ping.at>
33 .\" Modified 1996-10-22 by Eric S. Raymond <esr@thyrsus.com>
34 .\" Modified 2001-05-04 by aeb, following a remark by
35 .\" HÃ¥vard Lygre <hklygre@online.no>
36 .\" Modified 2001-04-17 by Michael Kerrisk <mtk.manpages@gmail.com>
37 .\" Modified 2002-06-13 by Michael Kerrisk <mtk.manpages@gmail.com>
38 .\" Added note on nonstandard behavior when SIGCHLD is ignored.
39 .\" Modified 2002-07-09 by Michael Kerrisk <mtk.manpages@gmail.com>
40 .\" Enhanced descriptions of 'resource' values
41 .\" Modified 2003-11-28 by aeb, added RLIMIT_CORE
42 .\" Modified 2004-03-26 by aeb, added RLIMIT_AS
43 .\" Modified 2004-06-16 by Michael Kerrisk <mtk.manpages@gmail.com>
44 .\" Added notes on CAP_SYS_RESOURCE
46 .\" 2004-11-16 -- mtk: the getrlimit.2 page, which formally included
47 .\" coverage of getrusage(2), has been split, so that the latter
48 .\" is now covered in its own getrusage.2.
50 .\" Modified 2004-11-16, mtk: A few other minor changes
51 .\" Modified 2004-11-23, mtk
52 .\" Added notes on RLIMIT_MEMLOCK, RLIMIT_NPROC, and RLIMIT_RSS
53 .\" to "CONFORMING TO"
54 .\" Modified 2004-11-25, mtk
55 .\" Rewrote discussion on RLIMIT_MEMLOCK to incorporate kernel
57 .\" Added note on RLIMIT_CPU error in older kernels
58 .\" 2004-11-03, mtk, Added RLIMIT_SIGPENDING
59 .\" 2005-07-13, mtk, documented RLIMIT_MSGQUEUE limit.
60 .\" 2005-07-28, mtk, Added descriptions of RLIMIT_NICE and RLIMIT_RTPRIO
61 .\" 2008-05-07, mtk / Peter Zijlstra, Added description of RLIMIT_RTTIME
62 .\" 2010-11-06, mtk: Added documentation of prlimit()
64 .TH GETRLIMIT 2 2016-10-08 "Linux" "Linux Programmer's Manual"
66 getrlimit, setrlimit, prlimit \- get/set resource limits
68 .B #include <sys/time.h>
70 .B #include <sys/resource.h>
72 .BI "int getrlimit(int " resource ", struct rlimit *" rlim );
74 .BI "int setrlimit(int " resource ", const struct rlimit *" rlim );
76 .BI "int prlimit(pid_t " pid ", int " resource \
77 ", const struct rlimit *" new_limit ,
79 .BI " struct rlimit *" old_limit );
82 Feature Test Macro Requirements for glibc (see
83 .BR feature_test_macros (7)):
93 system calls get and set resource limits respectively.
94 Each resource has an associated soft and hard limit, as defined by the
101 rlim_t rlim_cur; /* Soft limit */
102 rlim_t rlim_max; /* Hard limit (ceiling for rlim_cur) */
107 The soft limit is the value that the kernel enforces for the
108 corresponding resource.
109 The hard limit acts as a ceiling for the soft limit:
110 an unprivileged process may set only its soft limit to a value in the
111 range from 0 up to the hard limit, and (irreversibly) lower its hard limit.
112 A privileged process (under Linux: one with the
114 capability) may make arbitrary changes to either limit value.
118 denotes no limit on a resource (both in the structure returned by
120 and in the structure passed to
125 argument must be one of:
128 The maximum size of the process's virtual memory (address space) in bytes.
129 .\" since 2.0.27 / 2.1.12
130 This limit affects calls to
135 which fail with the error
137 upon exceeding this limit.
138 Also automatic stack expansion will fail
141 that kills the process if no alternate stack
142 has been made available via
143 .BR sigaltstack (2)).
144 Since the value is a \fIlong\fP, on machines with a 32-bit \fIlong\fP
145 either this limit is at most 2 GiB, or this resource is unlimited.
152 When 0 no core dump files are created.
153 When nonzero, larger dumps are truncated to this size.
156 CPU time limit in seconds.
157 When the process reaches the soft limit, it is sent a
160 The default action for this signal is to terminate the process.
161 However, the signal can be caught, and the handler can return control to
163 If the process continues to consume CPU time, it will be sent
165 once per second until the hard limit is reached, at which time
168 (This latter point describes Linux behavior.
169 Implementations vary in how they treat processes which continue to
170 consume CPU time after reaching the soft limit.
171 Portable applications that need to catch this signal should
172 perform an orderly termination upon first receipt of
176 The maximum size of the process's data segment (initialized data,
177 uninitialized data, and heap).
178 This limit affects calls to
182 which fail with the error
184 upon encountering the soft limit of this resource.
187 The maximum size of files that the process may create.
188 Attempts to extend a file beyond this limit result in delivery of a
191 By default, this signal terminates a process, but a process can
192 catch this signal instead, in which case the relevant system call (e.g.,
198 .BR RLIMIT_LOCKS " (Early Linux 2.4 only)"
199 .\" to be precise: Linux 2.4.0-test9; no longer in 2.4.25 / 2.5.65
200 A limit on the combined number of
204 leases that this process may establish.
207 The maximum number of bytes of memory that may be locked
209 In effect this limit is rounded down to the nearest multiple
210 of the system page size.
219 Since Linux 2.6.9 it also affects the
222 operation, where it sets a maximum on the total bytes in
223 shared memory segments (see
225 that may be locked by the real user ID of the calling process.
229 locks are accounted for separately from the per-process memory
236 a process can lock bytes up to this limit in each of these
239 In Linux kernels before 2.6.9, this limit controlled the amount of
240 memory that could be locked by a privileged process.
241 Since Linux 2.6.9, no limits are placed on the amount of memory
242 that a privileged process may lock, and this limit instead governs
243 the amount of memory that an unprivileged process may lock.
245 .BR RLIMIT_MSGQUEUE " (since Linux 2.6.8)"
246 Specifies the limit on the number of bytes that can be allocated
247 for POSIX message queues for the real user ID of the calling process.
248 This limit is enforced for
250 Each message queue that the user creates counts (until it is removed)
251 against this limit according to the formula:
256 bytes = attr.mq_maxmsg * sizeof(struct msg_msg) +
257 min(attr.mq_maxmsg, MQ_PRIO_MAX) *
258 sizeof(struct posix_msg_tree_node)+
260 attr.mq_maxmsg * attr.mq_msgsize;
261 /* For message data */
263 Linux 3.4 and earlier:
265 bytes = attr.mq_maxmsg * sizeof(struct msg_msg *) +
267 attr.mq_maxmsg * attr.mq_msgsize;
268 /* For message data */
275 structure specified as the fourth argument to
280 .I posix_msg_tree_node
281 structures are kernel-internal structures.
283 The "overhead" addend in the formula accounts for overhead
284 bytes required by the implementation
285 and ensures that the user cannot
286 create an unlimited number of zero-length messages (such messages
287 nevertheless each consume some system memory for bookkeeping overhead).
289 .BR RLIMIT_NICE " (since Linux 2.6.12, but see BUGS below)"
290 Specifies a ceiling to which the process's nice value can be raised using
294 The actual ceiling for the nice value is calculated as
295 .IR "20\ \-\ rlim_cur" .
296 The useful range for this limit is thus from 1
297 (corresponding to a nice value of 19) to 40
298 (corresponding to a nice value of -20).
299 This unusual choice of range is was necessary
300 because negative numbers cannot be specified
301 as resource limit values, since they typically have special meanings.
304 typically is the same as \-1.
305 For more detail on the nice value, see
309 Specifies a value one greater than the maximum file descriptor number
310 that can be opened by this process.
316 to exceed this limit yield the error
318 (Historically, this limit was named
323 The maximum number of processes (or, more precisely on Linux, threads)
324 that can be created for the real user ID of the calling process.
325 Upon encountering this limit,
329 This limit is not enforced for processes that have either the
336 Specifies the limit (in bytes) of the process's resident set
337 (the number of virtual pages resident in RAM).
338 This limit has effect only in Linux 2.4.x, x < 30, and there
339 affects only calls to
343 .\" As at kernel 2.6.12, this limit still does nothing in 2.6 though
344 .\" talk of making it do something has surfaced from time to time in LKML
347 .BR RLIMIT_RTPRIO " (since Linux 2.6.12, but see BUGS)"
348 Specifies a ceiling on the real-time priority that may be set for
350 .BR sched_setscheduler (2)
352 .BR sched_setparam (2).
354 For further details on real-time scheduling policies, see
357 .BR RLIMIT_RTTIME " (since Linux 2.6.25)"
358 Specifies a limit (in microseconds)
359 on the amount of CPU time that a process scheduled
360 under a real-time scheduling policy may consume without making a blocking
362 For the purpose of this limit,
363 each time a process makes a blocking system call,
364 the count of its consumed CPU time is reset to zero.
365 The CPU time count is not reset if the process continues trying to
366 use the CPU but is preempted, its time slice expires, or it calls
369 Upon reaching the soft limit, the process is sent a
372 If the process catches or ignores this signal and
373 continues consuming CPU time, then
375 will be generated once each second until the hard limit is reached,
376 at which point the process is sent a
380 The intended use of this limit is to stop a runaway
381 real-time process from locking up the system.
383 For further details on real-time scheduling policies, see
386 .BR RLIMIT_SIGPENDING " (since Linux 2.6.8)"
387 Specifies the limit on the number of signals
388 that may be queued for the real user ID of the calling process.
389 Both standard and real-time signals are counted for the purpose of
391 However, the limit is enforced only for
393 it is always possible to use
395 to queue one instance of any of the signals that are not already
396 queued to the process.
397 .\" This replaces the /proc/sys/kernel/rtsig-max system-wide limit
398 .\" that was present in kernels <= 2.6.7. MTK Dec 04
401 The maximum size of the process stack, in bytes.
402 Upon reaching this limit, a
405 To handle this signal, a process must employ an alternate signal stack
406 .RB ( sigaltstack (2)).
409 this limit also determines the amount of space used for the process's
410 command-line arguments and environment variables; for details, see
413 .\" commit c022a0acad534fd5f5d5f17280f6d4d135e74e81
414 .\" Author: Jiri Slaby <jslaby@suse.cz>
415 .\" Date: Tue May 4 18:03:50 2010 +0200
417 .\" rlimits: implement prlimit64 syscall
419 .\" commit 6a1d5e2c85d06da35cdfd93f1a27675bfdc3ad8c
420 .\" Author: Jiri Slaby <jslaby@suse.cz>
421 .\" Date: Wed Mar 24 17:06:58 2010 +0100
423 .\" rlimits: add rlimit64 structure
427 system call combines and extends the functionality of
431 It can be used to both set and get the resource limits of an arbitrary process.
435 argument has the same meaning as for
442 argument is a not NULL, then the
444 structure to which it points is used to set new values for
445 the soft and hard limits for
449 argument is a not NULL, then a successful call to
451 places the previous soft and hard limits for
455 structure pointed to by
460 argument specifies the ID of the process on which the call is to operate.
463 is 0, then the call applies to the calling process.
464 To set or get the resources of a process other than itself,
465 the caller must have the
467 capability in the user namespace of the process
468 whose resource limits are being changed, or the
469 real, effective, and saved set user IDs of the target process
470 must match the real user ID of the caller
472 the real, effective, and saved set group IDs of the target process
473 must match the real group ID of the caller.
474 .\" FIXME . this permission check is strange
475 .\" Asked about this on LKML, 7 Nov 2010
476 .\" "Inconsistent credential checking in prlimit() syscall"
478 On success, these system calls return 0.
479 On error, \-1 is returned, and
481 is set appropriately.
485 A pointer argument points to a location
486 outside the accessible address space.
489 The value specified in
498 .IR rlim\->rlim_max .
501 An unprivileged process tried to raise the hard limit; the
503 capability is required to do this.
506 The caller tried to increase the hard
508 limit above the maximum defined by
509 .IR /proc/sys/fs/nr_open
515 The calling process did not have permission to set limits
516 for the process specified by
520 Could not find a process with the ID specified in
525 system call is available since Linux 2.6.36.
526 Library support is available since glibc 2.13.
528 For an explanation of the terms used in this section, see
534 Interface Attribute Value
539 T} Thread safety MT-Safe
545 POSIX.1-2001, POSIX.1-2008, SVr4, 4.3BSD.
553 derive from BSD and are not specified in POSIX.1;
554 they are present on the BSDs and Linux, but on few other implementations.
556 derives from BSD and is not specified in POSIX.1;
557 it is nevertheless present on most implementations.
558 .BR RLIMIT_MSGQUEUE ,
566 A child process created via
568 inherits its parent's resource limits.
569 Resource limits are preserved across
572 Lowering the soft limit for a resource below the process's
573 current consumption of that resource will succeed
574 (but will prevent the process from further increasing
575 its consumption of the resource).
577 One can set the resource limits of the shell using the built-in
583 The shell's resource limits are inherited by the processes that
584 it creates to execute commands.
586 Since Linux 2.6.24, the resource limits of any process can be inspected via
587 .IR /proc/[pid]/limits ;
591 Ancient systems provided a
593 function with a similar purpose to
595 For backward compatibility, glibc also provides
597 All new applications should be written using
599 .SS C library/ kernel ABI differences
600 Since version 2.13, the glibc
604 wrapper functions no longer invoke the corresponding system calls,
607 for the reasons described in BUGS.
609 The name of the glibc wrapper function is
611 the underlying system call is
614 In older Linux kernels, the
618 signals delivered when a process encountered the soft and hard
620 limits were delivered one (CPU) second later than they should have been.
621 This was fixed in kernel 2.6.8.
623 In 2.6.x kernels before 2.6.17, a
625 limit of 0 is wrongly treated as "no limit" (like
627 Since Linux 2.6.17, setting a limit of 0 does have an effect,
628 but is actually treated as a limit of 1 second.
629 .\" see http://marc.theaimsgroup.com/?l=linux-kernel&m=114008066530167&w=2
631 A kernel bug means that
632 .\" See https://lwn.net/Articles/145008/
634 does not work in kernel 2.6.12; the problem is fixed in kernel 2.6.13.
636 In kernel 2.6.12, there was an off-by-one mismatch
637 between the priority ranges returned by
641 This had the effect that the actual ceiling for the nice value
643 .IR "19\ \-\ rlim_cur" .
644 This was fixed in kernel 2.6.13.
645 .\" see http://marc.theaimsgroup.com/?l=linux-kernel&m=112256338703880&w=2
648 .\" The relevant patch, sent to LKML, seems to be
649 .\" http://thread.gmane.org/gmane.linux.kernel/273462
650 .\" From: Roland McGrath <roland <at> redhat.com>
651 .\" Subject: [PATCH 7/7] make RLIMIT_CPU/SIGXCPU per-process
652 .\" Date: 2005-01-23 23:27:46 GMT
653 if a process reaches its soft
655 limit and has a handler installed for
657 then, in addition to invoking the signal handler,
658 the kernel increases the soft limit by one second.
659 This behavior repeats if the process continues to consume CPU time,
660 until the hard limit is reached,
661 at which point the process is killed.
662 Other implementations
663 .\" Tested Solaris 10, FreeBSD 9, OpenBSD 5.0
666 soft limit in this manner,
667 and the Linux behavior is probably not standards conformant;
668 portable applications should avoid relying on this Linux-specific behavior.
669 .\" FIXME . https://bugzilla.kernel.org/show_bug.cgi?id=50951
672 limit exhibits the same behavior when the soft limit is encountered.
674 Kernels before 2.4.22 did not diagnose the error
681 .IR rlim\->rlim_max .
683 .SS Representation of """large""" resource limit values on 32-bit platforms
688 wrapper functions use a 64-bit
690 data type, even on 32-bit platforms.
693 data type used in the
697 system calls is a (32-bit)
698 .IR "unsigned long" .
699 Furthermore, in Linux versions before 2.6.36,
700 the kernel represents resource limits on 32-bit platforms as
701 .IR "unsigned long" .
702 However, a 32-bit data type is not wide enough.
703 .\" https://bugzilla.kernel.org/show_bug.cgi?id=5042
704 .\" http://sources.redhat.com/bugzilla/show_bug.cgi?id=12201
705 The most pertinent limit here is
707 which specifies the maximum size to which a file can grow:
708 to be useful, this limit must be represented using a type
709 that is as wide as the type used to
710 represent file offsets\(emthat is, as wide as a 64-bit
712 (assuming a program compiled with
713 .IR _FILE_OFFSET_BITS=64 ).
715 To work around this kernel limitation,
716 if a program tried to set a resource limit to a value larger than
717 can be represented in a 32-bit
718 .IR "unsigned long" ,
721 wrapper function silently converted the limit value to
723 In other words, the requested resource limit setting was silently ignored.
725 This problem was addressed in Linux 2.6.36 with two principal changes:
727 the addition of a new kernel representation of resource limits that
728 uses 64 bits, even on 32-bit platforms;
732 system call, which employs 64-bit values for its resource limit arguments.
735 .\" https://www.sourceware.org/bugzilla/show_bug.cgi?id=12201
736 glibc works around the limitations of the
740 system calls by implementing
744 as wrapper functions that call
747 The program below demonstrates the use of
752 #define _FILE_OFFSET_BITS 64
757 #include <sys/resource.h>
759 #define errExit(msg) do { perror(msg); exit(EXIT_FAILURE); \\
763 main(int argc, char *argv[])
765 struct rlimit old, new;
769 if (!(argc == 2 || argc == 4)) {
770 fprintf(stderr, "Usage: %s <pid> [<new\-soft\-limit> "
771 "<new\-hard\-limit>]\\n", argv[0]);
775 pid = atoi(argv[1]); /* PID of target process */
779 new.rlim_cur = atoi(argv[2]);
780 new.rlim_max = atoi(argv[3]);
784 /* Set CPU time limit of target process; retrieve and display
787 if (prlimit(pid, RLIMIT_CPU, newp, &old) == \-1)
788 errExit("prlimit\-1");
789 printf("Previous limits: soft=%lld; hard=%lld\\n",
790 (long long) old.rlim_cur, (long long) old.rlim_max);
792 /* Retrieve and display new CPU time limit */
794 if (prlimit(pid, RLIMIT_CPU, NULL, &old) == \-1)
795 errExit("prlimit\-2");
796 printf("New limits: soft=%lld; hard=%lld\\n",
797 (long long) old.rlim_cur, (long long) old.rlim_max);
818 .BR capabilities (7),