Wednesday, August 18, 2010

What do the "hard" and "soft" mean in the /etc/security/limits.conf?

soft: the default value, if the value not being overwritten in other place, for example (ulimit)
hard: kernel limit, user level changes can not exceed this value.

for example:

oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
later we can change Oracle's nofile to any value less than 65536 using "ulimit -n". If we do not change, the default value is 1024, but we can not change the value exceed 65536.

For the maximum open file descriptor, the best estimated value is process x dbfiles + 500.

process: number of oracle process
dbfiles: number of datafiles.

And nofile shoud be less than fs.file-max in the /etc/sysctl.conf