重要提示: 请直接阅读步骤(6),如果不生效,再回头阅读(1)-(5)。
如题:
修改这个文件就行了:/etc/security/limits.conf
查看当前配置的方法:
1. 找到httpd的pid(中间那三个apache的)
[root@server-tong- ~]# ps -ef |grep httpd
root : ? :: /usr/sbin/httpd -DFOREGROUND
apache : ? :: /usr/sbin/httpd -DFOREGROUND
apache : ? :: /usr/sbin/httpd -DFOREGROUND
apache : ? :: /usr/sbin/httpd -DFOREGROUND
apache : ? :: /usr/sbin/httpd -DFOREGROUND
root : pts/ :: grep --color=auto httpd
2. 查看这几个进程当前使用的值
[root@server-tong- ~]# cat /proc//limits
Limit Soft Limit Hard Limit Units
Max cpu time unlimited unlimited seconds
Max file size unlimited unlimited bytes
Max data size unlimited unlimited bytes
Max stack size unlimited bytes
Max core file size unlimited bytes
Max resident set unlimited unlimited bytes
Max processes processes
Max open files files
Max locked memory bytes
Max address space unlimited unlimited bytes
Max file locks unlimited unlimited locks
Max pending signals signals
Max msgqueue size bytes
Max nice priority
Max realtime priority
Max realtime timeout unlimited unlimited us
3. 查看系统允许修改的最大值,以及用户名
[root@server-tong- ~]# cat /etc/shadow |grep apa
apache:!!:::::::
[root@server-tong- ~]# cat /proc/sys/fs/nr_open
查到,limit可以使用的最大值是1048576,用户名是apache
另外,需要提到的一点,我曾经尝试直接将这个值设置成unlimited, 结果导致了root无法登录。【大哭~~】,后来想办法进去之后,查看到报错如下:【tag:修改limit.conf之后 ssh失败 root无法登录 OS无法登录】
Dec :: server-tong- login: pam_limits(login:session): Could not set limit for 'nofile': Operation not permitted
Dec :: server-tong- login: pam_unix(login:session): session opened for user root by LOGIN(uid=)
Dec :: server-tong- login: Permission denied
Dec :: server-tong- login: pam_limits(login:session): Could not set limit for 'nofile': Operation not permitted
Dec :: server-tong- login: pam_unix(login:session): session opened for user root by LOGIN(uid=)
Dec :: server-tong- login: Permission denied
Dec :: server-tong- login: pam_limits(login:session): Could not set limit for 'nofile': Operation not permitted
Dec :: server-tong- login: pam_unix(login:session): session opened for user root by LOGIN(uid=)
Dec :: server-tong- login: Permission denied
Dec :: server-tong- login: pam_unix(login:auth): check pass; user unknown
Dec :: server-tong- login: pam_unix(login:auth): authentication failure; logname=LOGIN uid= euid= tty=tty1 ruser= rhost=
Dec :: server-tong- login: FAILED LOGIN FROM tty1 FOR (unknown), User not known to the underlying authentication module
Dec :: server-tong- login: pam_limits(login:session): Could not set limit for 'nofile': Operation not permitted
Dec :: server-tong- login: pam_unix(login:session): session opened for user root by LOGIN(uid=)
Dec :: server-tong- login: Permission denied
Dec :: server-tong- crond[]: pam_limits(crond:session): Could not set limit for 'nofile': Operation not permitted
Dec :: server-tong- crond[]: pam_limits(crond:session): Could not set limit for 'nofile': Operation not permitted
Dec :: server-tong- sshd[]: Received signal ; terminating.
4. 准备就绪后,我们现在来修改limit.conf文件吧!追加两行配置如下,并重启OS
[root@server-tong- ~]# tail -n3 /etc/security/limits.conf
apache hard nofile
apache soft nofile
# End of file
[root@server-tong- ~]#
5. 用2中的方法查看修改是否成功。
结果,令人尴尬的是,这个修改并不好使。。。。。
为什么呢? 因为我使用systemctl来管理httpd服务的启动的。所以当使用systemctl来start的时候,并不生效。但是手动执行/usr/bin/httpd是生效的。
这个时候我们需要步骤六,来搞定这一切
6. 修改 httpd.service文件
在 [Service] 章节增加如下一行:
LimitNOFILE=
重启服务。
详见:https://fredrikaverpil.github.io/2016/04/27/systemd-and-resource-limits/
更值得注意的一件事情是什么呢?
这里边,1到5的步骤都是可以省略的,直接改第六步就可以生效了。
完!