1修改进程资源限制,软限制可改,最大值不能超过硬限制,硬限制只有root用户可以修改
查看进程资源限制
cat /proc/self/limits
ulimit -a
2getrlimit()函数和setrlimit()函数
A依赖的头文件
#include<sys/time.h>
#include<sys/resource.h>
B函数声明
int getrlimit(int resource, struct rlimit*rlim);
int setrlimit(int resource, const structrlimit *rlim);
int prlimit(pid_t pid, int resource, conststruct rlimit *new_limit,
struct rlimit *old_limit);
函数说明:通过getrlimit,setrlimit,prlimit函数来获得或者设置资源的limits
描述信息
The getrlimit() and setrlimit() system calls get and set resource limitsrespectively. Each resource has anassociated soft and hard limit,as
defined by the rlimit structure:
struct rlimit {
rlim_t rlim_cur;
/* Soft limit */
rlim_t rlim_max;
/* Hard limit (ceiling for rlim_cur) */
};
翻译:这个getrlimit()和setrlimit()函数分别获得和设置资源的limits,每个资源有一个关联的软限制和硬限制,它们被定义在rlimit结构体中。
The soft limit
is thevalue that the kernel enforces for the corre‐
sponding resource. The hard limitacts
as a ceiling for the soft
limit: an
unprivileged process may set only its softlimit to a value
in the range from 0 up to the hard limit, and (irreversibly) lower its
hard limit.
A privileged process (under Linux: one
with the
CAP_SYS_RESOURCE capability) may make arbitrary changes to either limit
value.
The resource argument must be one of:
RLIMIT_AS
The maximum size of the process'svirtual memory (address space)
in bytes.
This limit affects calls to brk(2), mmap(2)
and
mremap(2),
which fail with the error ENOMEM uponexceeding this
limit.
Also automatic stack expansion will fail (andgenerate a
SIGSEGV
that kills the process if no alternatestack has been
made available viasigaltstack(2)).
Since the value isa long,
on
machines with a 32-bit long either thislimit is at most 2
GiB, or this resource isunlimited.
RLIMIT_CORE
Maximum size of core file.
When 0 no core dump files are cre‐
ated.
When nonzero, larger dumps are truncated tothis size.
RLIMIT_CPU
CPU time limit
in seconds. When the process reaches the soft
limit, it is sent a SIGXCPUsignal.
The default action for this
signal
is to terminate the process. However, the signal can be
caught, and the handler canreturn control to the main
program.
If
the process continues to consume CPUtime, it will be sent
SIGXCPU once per second untilthe
hard limit is reached, at
which
time it is sent SIGKILL. (This latter point describes
Linux behavior.
Implementations vary in how they treat pro‐
cesses
which continue to consume CPU time after reaching the
soft limit.
Portable applications that need to catchthis sig‐
nal
should perform an orderly termination uponfirst receipt of
SIGXCPU.)
RLIMIT_DATA
The maximum size of
the process's data segment (initialized
data,
uninitialized data, and heap). This limitaffects calls
to brk(2) and sbrk(2), which failwith
the error ENOMEM upon
encountering the soft limit ofthis resource.
RLIMIT_FSIZE
The maximum size of files that theprocess may create.
Attempts
to extend a file beyond this
limit result in delivery of a
SIGXFSZ
signal. By default, this signal terminates a process,
but a process can catch thissignal instead, in which
case the
relevant
system call (e.g., write(2),truncate(2)) fails with
the error EFBIG.
RLIMIT_LOCKS (Early Linux 2.4 only)
A limit on the combined number offlock(2)
locks and fcntl(2)
leases that this process mayestablish.
RLIMIT_MEMLOCK
The
maximum number of bytes of memory thatmay be locked into
RAM.
In effect this limit is rounded down to thenearest multi‐
ple
of the system page size. This limit affects mlock(2) and
mlockall(2) and the mmap(2)MAP_LOCKED operation.
Since Linux
2.6.9 it also affects theshmctl(2) SHM_LOCK operation, where it
sets a maximum on the total bytesin shared memory segments (see
shmget(2)) that may be locked bythe real user ID of the calling
process.
The shmctl(2) SHM_LOCK locks areaccounted for sepa‐
rately
from the per-process memory locks established
by
mlock(2), mlockall(2), andmmap(2)
MAP_LOCKED; a process can
lock bytes up to this limit ineach of these two categories. In
Linux kernels before 2.6.9, thislimit controlled the amount of
memory
that could be locked by a privileged process. Since
Linux 2.6.9, no limits are placedon the amount of memory that a
privileged
process may lock, and this limit insteadgoverns the
amount of memory that anunprivileged process may lock.
RLIMIT_MSGQUEUE (Since Linux 2.6.8)
Specifies the limit on the numberof bytes that can be allocated
for
POSIX message queues for the real user ID of the calling
process.
This limit is enforced for mq_open(3). Each message
queue that the user createscounts (until it is removed) against
this limit according to theformula:
bytes = attr.mq_maxmsg *sizeof(struct msg_msg *) +
attr.mq_maxmsg *attr.mq_msgsize
where attr is the mq_attr
structure specified as the fourth
argument to mq_open(3).
The
first addend in the formula, whichincludes sizeof(struct
msg_msg *) (4 bytes onLinux/i386), ensures that the user cannot
create
an unlimited number of zero-lengthmessages (such mes‐
sages nevertheless each consumesome system memory for bookkeep‐
ing overhead).
RLIMIT_NICE (since Linux 2.6.12, but seeBUGS below)
Specifies
a ceiling to which the process's nice value can be
raised using setpriority(2) ornice(2).
The actual ceiling for
the
nice value is calculated as 20 - rlim_cur. (This strange‐
ness occurs because negative
numbers cannot be specified as
resource
limit values, since they typically have special mean‐
ings.
For example, RLIM_INFINITY typically is thesame as -1.)
RLIMIT_NOFILE
Specifies a value one greaterthan the maximum
file descriptor
number
that can be opened by this process. Attempts (open(2),
pipe(2), dup(2), etc.)
to exceed this limit yield the error
EMFILE.
(Historically, this limit was named RLIMIT_OFILE on
BSD.)
RLIMIT_NPROC
The maximum number of processes(or, more
precisely on Linux,
threads) that can be created forthe real user ID of the calling
process.
Upon encountering this limit, fork(2)fails with
the
error EAGAIN.
RLIMIT_RSS
Specifies
the limit (in pages) of the process's resident set
(the number of virtual pagesresident in RAM).
This limit has
effect only in Linux 2.4.x, x< 30, and there affects only calls
to madvise(2) specifyingMADV_WILLNEED.
RLIMIT_RTPRIO (Since Linux 2.6.12, but see BUGS)
Specifies a ceiling on thereal-time priority that
may be set
for
this process using sched_setscheduler(2)
and sched_set‐
param(2).
RLIMIT_RTTIME (Since Linux 2.6.25)
Specifies a limit (inmicroseconds) on the amount
of CPU time
that a process scheduled under areal-time scheduling policy may
consume without making a blockingsystem call.
For the purpose
of this limit, each time aprocess makes a blocking system call,
the count of its consumed CPUtime is reset to
zero. The CPU
time
count is not reset if the process continues trying to use
the CPU but is preempted, itstime slice expires,
or it calls
sched_yield(2).
Upon reaching the softlimit, the process is sent a SIGXCPU sig‐
nal.
If the process catches or ignores this signaland contin‐
ues consuming CPU time, thenSIGXCPU will be generated once each
second until the hard limit
is reached, at which point the
process is sent a SIGKILL signal.
The
intended use of this limit is to stop arunaway real-time
process from locking up thesystem.
RLIMIT_SIGPENDING (Since Linux 2.6.8)
Specifies the limit on the numberof signals that may be
queued
for
the real user ID of the calling process. Both standard and
real-time signals are counted forthe purpose of
checking this
limit. However, the limit is enforced only forsigqueue(3); it
is always possible to use kill(2)to queue one instance
of any
of the signals that are notalready queued to the process.
RLIMIT_STACK
The
maximum size of the process stack, inbytes. Upon reaching
this limit, a SIGSEGV signal isgenerated.
To handle this sig‐
nal,
a process must employ an alternatesignal stack (sigalt‐
stack(2)).
Since Linux 2.6.23, this limitalso
determines the amount of
space used for the process'scommand-line arguments and environ‐
ment variables; for details, seeexecve(2).
prlimit()
The Linux-specific prlimit() system call combines and extends the func‐
tionality of
setrlimit() and getrlimit(). It can be used to both set
and get the resource limits of an arbitrary process.
The resource argument has the same meaning as for setrlimit() and getr‐
limit().
If the
new_limit argument is a not NULL, then therlimit structure to
which it points is used to set new values for the soft and hard limits
for resource. If the old_limitargument is a not NULL, then a success‐
ful call to prlimit() places the previous soft and
hard limits for
resource in the rlimit structure pointed to by old_limit.
The pid
argument specifies the ID of the process onwhich the call is
to operate. If pid is 0, then thecall applies to the calling process.
To set or get the resources of aprocess other than itself, the caller
must have the CAP_SYS_RESOURCE capability, or the real, effective, and
saved set user IDs of the target process must match the real user ID of
the caller and the real, effective, and saved set group IDs of the tar‐
get process must match the real group ID of the caller.
案例说明:
#define _GNU_SOURCE
#define _FILE_OFFSET_BITS 64
#include<stdio.h>
#include<time.h>
#include<stdlib.h>
#include<unistd.h>
#include<sys/resource.h>
#define errExit(msg)do{perror(msg);exit(EXIT_FAILURE);} while(0)
int main(int argc,char *argv[])
{
struct rlimit old, new;
struct rlimit *newp;
pid_t pid;
if (!(argc == 2 || argc == 4)) {
fprintf(stderr, "Usage: %s<pid> [<new-soft-limit> "
"<new-hard-limit>]\n", argv[0]);
exit(EXIT_FAILURE);
}
pid = atoi(argv[1]); /* PIDof target process */
newp = NULL;
if (argc == 4) {
new.rlim_cur = atoi(argv[2]);
new.rlim_max = atoi(argv[3]);
newp = &new;
}
/* Set CPU time limit of target process; retrieve and display
previous limit */
if (prlimit(pid, RLIMIT_CPU, newp, &old) == -1)
errExit("prlimit-1");
printf("Previous limits: soft=%lld; hard=%lld\n",
(long long) old.rlim_cur,(long long) old.rlim_max);
/* Retrieve and display new CPU time limit */
if (prlimit(pid, RLIMIT_CPU, NULL, &old) == -1)
errExit("prlimit-2");
printf("New limits: soft=%lld; hard=%lld\n",
(long long) old.rlim_cur,(long long) old.rlim_max);
exit(EXIT_FAILURE);
}