Sometimes you need to increase the open file limit for an application server or the maximum shared memory for your ever-growing master database. In such a case you edit your /etc/security/limits.conf and then wonder how to get the changed limits to be visible to check wether you have set them correctly. You do not want to find out that they were wrong after your master DB doesn't come up after some incident in the middle of the night...
Instant Applying Limits to Running Processes
Actually you might want to apply the changes directly to a running process additionally to changing /etc/security/limits.conf. In recent edge Linux distributions (e.g. Debian Jessie) there is a tool "prlimit" to get/set limits.
Usage for changing limits for a PID is
prlimit --pid <pid> --<limit>=<soft>:<hard>for example
prlimit --pid 12345 --nofile=1024:2048If you are unlucky and do not have prlimit yet check out this instruction to compile your own version because despite missing user tool the prlimit() system call is in the kernel for quite a while (since 2.6.36).
Alternative #1: Re-Login with "sudo -i"If you do not have prlimit yet and want a changed limit configuration to become visible you might want to try "sudo -i". The reason: you need to re-login as limits from /etc/security/* are only applied on login!
But wait: what about users without login? In such a case you login as root (which might not share their limits) and sudo into the user: so no real login as the user. In this case you must ensure to use the "-i" option of sudo:
sudo -i -u <user>to simulate an initial login with sudo. This will apply the new limits.
Alternative #2: Make it work for sudo without "-i"
Wether you need "-i" depends on the PAM configuration of your Linux distribution. If you need it then PAM probably loads "pam_limit.so" only in /etc/pam.d/login which means at login time but no on sudo. This was introduced in Ubuntu Precise for example. By adding this line
session required pam_limits.soin /etc/pam.d/sudo limits will also be applied when running sudo without "-i". Still using "-i" might be easier.
Finally: Always Check Effective LimitsThe best way is to change the limits and check them by running
prlimit # for current shell prlimit --pid <pid> # for a running processbecause it shows both soft and hard limits together. Alternatively call
ulimit -a # for current shell cat /proc/<pid>/limits # for a running processwith the affected user.