1 .\" Copyright (c) 1992 Drew Eckhardt, March 28, 1992
2 .\" and Copyright (c) 2002, 2004, 2005, 2008, 2010 Michael Kerrisk
4 .\" %%%LICENSE_START(VERBATIM)
5 .\" Permission is granted to make and distribute verbatim copies of this
6 .\" manual provided the copyright notice and this permission notice are
7 .\" preserved on all copies.
9 .\" Permission is granted to copy and distribute modified versions of this
10 .\" manual under the conditions for verbatim copying, provided that the
11 .\" entire resulting derived work is distributed under the terms of a
12 .\" permission notice identical to this one.
14 .\" Since the Linux kernel and libraries are constantly changing, this
15 .\" manual page may be incorrect or out-of-date. The author(s) assume no
16 .\" responsibility for errors or omissions, or for damages resulting from
17 .\" the use of the information contained herein. The author(s) may not
18 .\" have taken the same level of care in the production of this manual,
19 .\" which is licensed free of charge, as they might when working
22 .\" Formatted or processed versions of this manual, if unaccompanied by
23 .\" the source, must acknowledge the copyright and authors of this work.
26 .\" Modified by Michael Haardt <michael@moria.de>
27 .\" Modified 1993-07-23 by Rik Faith <faith@cs.unc.edu>
28 .\" Modified 1996-01-13 by Arnt Gulbrandsen <agulbra@troll.no>
29 .\" Modified 1996-01-22 by aeb, following a remark by
30 .\" Tigran Aivazian <tigran@sco.com>
31 .\" Modified 1996-04-14 by aeb, following a remark by
32 .\" Robert Bihlmeyer <robbe@orcus.ping.at>
33 .\" Modified 1996-10-22 by Eric S. Raymond <esr@thyrsus.com>
34 .\" Modified 2001-05-04 by aeb, following a remark by
35 .\" HÃ¥vard Lygre <hklygre@online.no>
36 .\" Modified 2001-04-17 by Michael Kerrisk <mtk.manpages@gmail.com>
37 .\" Modified 2002-06-13 by Michael Kerrisk <mtk.manpages@gmail.com>
38 .\" Added note on nonstandard behavior when SIGCHLD is ignored.
39 .\" Modified 2002-07-09 by Michael Kerrisk <mtk.manpages@gmail.com>
40 .\" Enhanced descriptions of 'resource' values
41 .\" Modified 2003-11-28 by aeb, added RLIMIT_CORE
42 .\" Modified 2004-03-26 by aeb, added RLIMIT_AS
43 .\" Modified 2004-06-16 by Michael Kerrisk <mtk.manpages@gmail.com>
44 .\" Added notes on CAP_SYS_RESOURCE
46 .\" 2004-11-16 -- mtk: the getrlimit.2 page, which formally included
47 .\" coverage of getrusage(2), has been split, so that the latter
48 .\" is now covered in its own getrusage.2.
50 .\" Modified 2004-11-16, mtk: A few other minor changes
51 .\" Modified 2004-11-23, mtk
52 .\" Added notes on RLIMIT_MEMLOCK, RLIMIT_NPROC, and RLIMIT_RSS
53 .\" to "CONFORMING TO"
54 .\" Modified 2004-11-25, mtk
55 .\" Rewrote discussion on RLIMIT_MEMLOCK to incorporate kernel
57 .\" Added note on RLIMIT_CPU error in older kernels
58 .\" 2004-11-03, mtk, Added RLIMIT_SIGPENDING
59 .\" 2005-07-13, mtk, documented RLIMIT_MSGQUEUE limit.
60 .\" 2005-07-28, mtk, Added descriptions of RLIMIT_NICE and RLIMIT_RTPRIO
61 .\" 2008-05-07, mtk / Peter Zijlstra, Added description of RLIMIT_RTTIME
62 .\" 2010-11-06, mtk: Added documentation of prlimit()
64 .TH GETRLIMIT 2 2017-03-13 "Linux" "Linux Programmer's Manual"
66 getrlimit, setrlimit, prlimit \- get/set resource limits
68 .B #include <sys/time.h>
70 .B #include <sys/resource.h>
72 .BI "int getrlimit(int " resource ", struct rlimit *" rlim );
74 .BI "int setrlimit(int " resource ", const struct rlimit *" rlim );
76 .BI "int prlimit(pid_t " pid ", int " resource \
77 ", const struct rlimit *" new_limit ,
79 .BI " struct rlimit *" old_limit );
82 Feature Test Macro Requirements for glibc (see
83 .BR feature_test_macros (7)):
93 system calls get and set resource limits respectively.
94 Each resource has an associated soft and hard limit, as defined by the
101 rlim_t rlim_cur; /* Soft limit */
102 rlim_t rlim_max; /* Hard limit (ceiling for rlim_cur) */
107 The soft limit is the value that the kernel enforces for the
108 corresponding resource.
109 The hard limit acts as a ceiling for the soft limit:
110 an unprivileged process may set only its soft limit to a value in the
111 range from 0 up to the hard limit, and (irreversibly) lower its hard limit.
112 A privileged process (under Linux: one with the
114 capability) may make arbitrary changes to either limit value.
118 denotes no limit on a resource (both in the structure returned by
120 and in the structure passed to
125 argument must be one of:
128 This is the maximum size of the process's virtual memory
129 (address space) in bytes.
130 .\" since 2.0.27 / 2.1.12
131 This limit affects calls to
136 which fail with the error
138 upon exceeding this limit.
139 Also automatic stack expansion will fail
142 that kills the process if no alternate stack
143 has been made available via
144 .BR sigaltstack (2)).
145 Since the value is a \fIlong\fP, on machines with a 32-bit \fIlong\fP
146 either this limit is at most 2\ GiB, or this resource is unlimited.
149 This is the maximum size of a
153 that the process may dump.
154 When 0 no core dump files are created.
155 When nonzero, larger dumps are truncated to this size.
158 This is a limit, in seconds,
159 on the amount of CPU time that the process can consume.
160 When the process reaches the soft limit, it is sent a
163 The default action for this signal is to terminate the process.
164 However, the signal can be caught, and the handler can return control to
166 If the process continues to consume CPU time, it will be sent
168 once per second until the hard limit is reached, at which time
171 (This latter point describes Linux behavior.
172 Implementations vary in how they treat processes which continue to
173 consume CPU time after reaching the soft limit.
174 Portable applications that need to catch this signal should
175 perform an orderly termination upon first receipt of
179 This is the maximum size of the process's data segment (initialized data,
180 uninitialized data, and heap).
181 This limit affects calls to
185 which fail with the error
187 upon encountering the soft limit of this resource.
190 This is the maximum size of files that the process may create.
191 Attempts to extend a file beyond this limit result in delivery of a
194 By default, this signal terminates a process, but a process can
195 catch this signal instead, in which case the relevant system call (e.g.,
201 .BR RLIMIT_LOCKS " (early Linux 2.4 only)"
202 .\" to be precise: Linux 2.4.0-test9; no longer in 2.4.25 / 2.5.65
203 This is a limit on the combined number of
207 leases that this process may establish.
210 This is the maximum number of bytes of memory that may be locked
212 This limit is in effect rounded down to the nearest multiple
213 of the system page size.
221 Since Linux 2.6.9, it also affects the
224 operation, where it sets a maximum on the total bytes in
225 shared memory segments (see
227 that may be locked by the real user ID of the calling process.
231 locks are accounted for separately from the per-process memory
238 a process can lock bytes up to this limit in each of these
241 In Linux kernels before 2.6.9, this limit controlled the amount of
242 memory that could be locked by a privileged process.
243 Since Linux 2.6.9, no limits are placed on the amount of memory
244 that a privileged process may lock, and this limit instead governs
245 the amount of memory that an unprivileged process may lock.
247 .BR RLIMIT_MSGQUEUE " (since Linux 2.6.8)"
248 This is a limit on the number of bytes that can be allocated
249 for POSIX message queues for the real user ID of the calling process.
250 This limit is enforced for
252 Each message queue that the user creates counts (until it is removed)
253 against this limit according to the formula:
258 bytes = attr.mq_maxmsg * sizeof(struct msg_msg) +
259 min(attr.mq_maxmsg, MQ_PRIO_MAX) *
260 sizeof(struct posix_msg_tree_node)+
262 attr.mq_maxmsg * attr.mq_msgsize;
263 /* For message data */
266 Linux 3.4 and earlier:
269 bytes = attr.mq_maxmsg * sizeof(struct msg_msg *) +
271 attr.mq_maxmsg * attr.mq_msgsize;
272 /* For message data */
279 structure specified as the fourth argument to
284 .I posix_msg_tree_node
285 structures are kernel-internal structures.
287 The "overhead" addend in the formula accounts for overhead
288 bytes required by the implementation
289 and ensures that the user cannot
290 create an unlimited number of zero-length messages (such messages
291 nevertheless each consume some system memory for bookkeeping overhead).
293 .BR RLIMIT_NICE " (since Linux 2.6.12, but see BUGS below)"
294 This specifies a ceiling to which the process's nice value can be raised using
298 The actual ceiling for the nice value is calculated as
299 .IR "20\ \-\ rlim_cur" .
300 The useful range for this limit is thus from 1
301 (corresponding to a nice value of 19) to 40
302 (corresponding to a nice value of -20).
303 This unusual choice of range was necessary
304 because negative numbers cannot be specified
305 as resource limit values, since they typically have special meanings.
308 typically is the same as \-1.
309 For more detail on the nice value, see
313 This specifies a value one greater than the maximum file descriptor number
314 that can be opened by this process.
320 to exceed this limit yield the error
322 (Historically, this limit was named
327 this limit also defines the maximum number of file descriptors that
328 an unprivileged process (one without the
330 capability) may have "in flight" to other processes,
331 by being passed across UNIX domain sockets.
332 This limit applies to the
335 For further details, see
339 This is the maximum number of processes
340 (or, more precisely on Linux, threads)
341 that can be created for the real user ID of the calling process.
342 Upon encountering this limit,
346 This limit is not enforced for processes that have either the
353 This is a limit (in bytes) on the process's resident set
354 (the number of virtual pages resident in RAM).
355 This limit has effect only in Linux 2.4.x, x < 30, and there
356 affects only calls to
360 .\" As at kernel 2.6.12, this limit still does nothing in 2.6 though
361 .\" talk of making it do something has surfaced from time to time in LKML
364 .BR RLIMIT_RTPRIO " (since Linux 2.6.12, but see BUGS)"
365 This specifies a ceiling on the real-time priority that may be set for
367 .BR sched_setscheduler (2)
369 .BR sched_setparam (2).
371 For further details on real-time scheduling policies, see
374 .BR RLIMIT_RTTIME " (since Linux 2.6.25)"
375 This is a limit (in microseconds)
376 on the amount of CPU time that a process scheduled
377 under a real-time scheduling policy may consume without making a blocking
379 For the purpose of this limit,
380 each time a process makes a blocking system call,
381 the count of its consumed CPU time is reset to zero.
382 The CPU time count is not reset if the process continues trying to
383 use the CPU but is preempted, its time slice expires, or it calls
386 Upon reaching the soft limit, the process is sent a
389 If the process catches or ignores this signal and
390 continues consuming CPU time, then
392 will be generated once each second until the hard limit is reached,
393 at which point the process is sent a
397 The intended use of this limit is to stop a runaway
398 real-time process from locking up the system.
400 For further details on real-time scheduling policies, see
403 .BR RLIMIT_SIGPENDING " (since Linux 2.6.8)"
404 This is a limit on the number of signals
405 that may be queued for the real user ID of the calling process.
406 Both standard and real-time signals are counted for the purpose of
408 However, the limit is enforced only for
410 it is always possible to use
412 to queue one instance of any of the signals that are not already
413 queued to the process.
414 .\" This replaces the /proc/sys/kernel/rtsig-max system-wide limit
415 .\" that was present in kernels <= 2.6.7. MTK Dec 04
418 This is the maximum size of the process stack, in bytes.
419 Upon reaching this limit, a
422 To handle this signal, a process must employ an alternate signal stack
423 .RB ( sigaltstack (2)).
426 this limit also determines the amount of space used for the process's
427 command-line arguments and environment variables; for details, see
430 .\" commit c022a0acad534fd5f5d5f17280f6d4d135e74e81
431 .\" Author: Jiri Slaby <jslaby@suse.cz>
432 .\" Date: Tue May 4 18:03:50 2010 +0200
434 .\" rlimits: implement prlimit64 syscall
436 .\" commit 6a1d5e2c85d06da35cdfd93f1a27675bfdc3ad8c
437 .\" Author: Jiri Slaby <jslaby@suse.cz>
438 .\" Date: Wed Mar 24 17:06:58 2010 +0100
440 .\" rlimits: add rlimit64 structure
444 system call combines and extends the functionality of
448 It can be used to both set and get the resource limits of an arbitrary process.
452 argument has the same meaning as for
459 argument is a not NULL, then the
461 structure to which it points is used to set new values for
462 the soft and hard limits for
466 argument is a not NULL, then a successful call to
468 places the previous soft and hard limits for
472 structure pointed to by
477 argument specifies the ID of the process on which the call is to operate.
480 is 0, then the call applies to the calling process.
481 To set or get the resources of a process other than itself,
482 the caller must have the
484 capability in the user namespace of the process
485 whose resource limits are being changed, or the
486 real, effective, and saved set user IDs of the target process
487 must match the real user ID of the caller
489 the real, effective, and saved set group IDs of the target process
490 must match the real group ID of the caller.
491 .\" FIXME . this permission check is strange
492 .\" Asked about this on LKML, 7 Nov 2010
493 .\" "Inconsistent credential checking in prlimit() syscall"
495 On success, these system calls return 0.
496 On error, \-1 is returned, and
498 is set appropriately.
502 A pointer argument points to a location
503 outside the accessible address space.
506 The value specified in
515 .IR rlim\->rlim_max .
518 An unprivileged process tried to raise the hard limit; the
520 capability is required to do this.
523 The caller tried to increase the hard
525 limit above the maximum defined by
526 .IR /proc/sys/fs/nr_open
532 The calling process did not have permission to set limits
533 for the process specified by
537 Could not find a process with the ID specified in
542 system call is available since Linux 2.6.36.
543 Library support is available since glibc 2.13.
545 For an explanation of the terms used in this section, see
551 Interface Attribute Value
556 T} Thread safety MT-Safe
562 POSIX.1-2001, POSIX.1-2008, SVr4, 4.3BSD.
570 derive from BSD and are not specified in POSIX.1;
571 they are present on the BSDs and Linux, but on few other implementations.
573 derives from BSD and is not specified in POSIX.1;
574 it is nevertheless present on most implementations.
575 .BR RLIMIT_MSGQUEUE ,
583 A child process created via
585 inherits its parent's resource limits.
586 Resource limits are preserved across
589 Lowering the soft limit for a resource below the process's
590 current consumption of that resource will succeed
591 (but will prevent the process from further increasing
592 its consumption of the resource).
594 One can set the resource limits of the shell using the built-in
600 The shell's resource limits are inherited by the processes that
601 it creates to execute commands.
603 Since Linux 2.6.24, the resource limits of any process can be inspected via
604 .IR /proc/[pid]/limits ;
608 Ancient systems provided a
610 function with a similar purpose to
612 For backward compatibility, glibc also provides
614 All new applications should be written using
616 .SS C library/ kernel ABI differences
617 Since version 2.13, the glibc
621 wrapper functions no longer invoke the corresponding system calls,
624 for the reasons described in BUGS.
626 The name of the glibc wrapper function is
628 the underlying system call is
631 In older Linux kernels, the
635 signals delivered when a process encountered the soft and hard
637 limits were delivered one (CPU) second later than they should have been.
638 This was fixed in kernel 2.6.8.
640 In 2.6.x kernels before 2.6.17, a
642 limit of 0 is wrongly treated as "no limit" (like
644 Since Linux 2.6.17, setting a limit of 0 does have an effect,
645 but is actually treated as a limit of 1 second.
646 .\" see http://marc.theaimsgroup.com/?l=linux-kernel&m=114008066530167&w=2
648 A kernel bug means that
649 .\" See https://lwn.net/Articles/145008/
651 does not work in kernel 2.6.12; the problem is fixed in kernel 2.6.13.
653 In kernel 2.6.12, there was an off-by-one mismatch
654 between the priority ranges returned by
658 This had the effect that the actual ceiling for the nice value
660 .IR "19\ \-\ rlim_cur" .
661 This was fixed in kernel 2.6.13.
662 .\" see http://marc.theaimsgroup.com/?l=linux-kernel&m=112256338703880&w=2
665 .\" The relevant patch, sent to LKML, seems to be
666 .\" http://thread.gmane.org/gmane.linux.kernel/273462
667 .\" From: Roland McGrath <roland <at> redhat.com>
668 .\" Subject: [PATCH 7/7] make RLIMIT_CPU/SIGXCPU per-process
669 .\" Date: 2005-01-23 23:27:46 GMT
670 if a process reaches its soft
672 limit and has a handler installed for
674 then, in addition to invoking the signal handler,
675 the kernel increases the soft limit by one second.
676 This behavior repeats if the process continues to consume CPU time,
677 until the hard limit is reached,
678 at which point the process is killed.
679 Other implementations
680 .\" Tested Solaris 10, FreeBSD 9, OpenBSD 5.0
683 soft limit in this manner,
684 and the Linux behavior is probably not standards conformant;
685 portable applications should avoid relying on this Linux-specific behavior.
686 .\" FIXME . https://bugzilla.kernel.org/show_bug.cgi?id=50951
689 limit exhibits the same behavior when the soft limit is encountered.
691 Kernels before 2.4.22 did not diagnose the error
698 .IR rlim\->rlim_max .
700 .SS Representation of """large""" resource limit values on 32-bit platforms
705 wrapper functions use a 64-bit
707 data type, even on 32-bit platforms.
710 data type used in the
714 system calls is a (32-bit)
715 .IR "unsigned long" .
716 Furthermore, in Linux versions before 2.6.36,
717 the kernel represents resource limits on 32-bit platforms as
718 .IR "unsigned long" .
719 However, a 32-bit data type is not wide enough.
720 .\" https://bugzilla.kernel.org/show_bug.cgi?id=5042
721 .\" http://sources.redhat.com/bugzilla/show_bug.cgi?id=12201
722 The most pertinent limit here is
724 which specifies the maximum size to which a file can grow:
725 to be useful, this limit must be represented using a type
726 that is as wide as the type used to
727 represent file offsets\(emthat is, as wide as a 64-bit
729 (assuming a program compiled with
730 .IR _FILE_OFFSET_BITS=64 ).
732 To work around this kernel limitation,
733 if a program tried to set a resource limit to a value larger than
734 can be represented in a 32-bit
735 .IR "unsigned long" ,
738 wrapper function silently converted the limit value to
740 In other words, the requested resource limit setting was silently ignored.
742 This problem was addressed in Linux 2.6.36 with two principal changes:
744 the addition of a new kernel representation of resource limits that
745 uses 64 bits, even on 32-bit platforms;
749 system call, which employs 64-bit values for its resource limit arguments.
752 .\" https://www.sourceware.org/bugzilla/show_bug.cgi?id=12201
753 glibc works around the limitations of the
757 system calls by implementing
761 as wrapper functions that call
764 The program below demonstrates the use of
769 #define _FILE_OFFSET_BITS 64
774 #include <sys/resource.h>
776 #define errExit(msg) do { perror(msg); exit(EXIT_FAILURE); \\
780 main(int argc, char *argv[])
782 struct rlimit old, new;
786 if (!(argc == 2 || argc == 4)) {
787 fprintf(stderr, "Usage: %s <pid> [<new\-soft\-limit> "
788 "<new\-hard\-limit>]\\n", argv[0]);
792 pid = atoi(argv[1]); /* PID of target process */
796 new.rlim_cur = atoi(argv[2]);
797 new.rlim_max = atoi(argv[3]);
801 /* Set CPU time limit of target process; retrieve and display
804 if (prlimit(pid, RLIMIT_CPU, newp, &old) == \-1)
805 errExit("prlimit\-1");
806 printf("Previous limits: soft=%lld; hard=%lld\\n",
807 (long long) old.rlim_cur, (long long) old.rlim_max);
809 /* Retrieve and display new CPU time limit */
811 if (prlimit(pid, RLIMIT_CPU, NULL, &old) == \-1)
812 errExit("prlimit\-2");
813 printf("New limits: soft=%lld; hard=%lld\\n",
814 (long long) old.rlim_cur, (long long) old.rlim_max);
835 .BR capabilities (7),