Ulimit user session to prevent full freeze

Asked by EricDHH on 2012-08-17

Question for 12.04: Howto limit memory and cpu to around 80% to prevent a machine from complete freeze. Cause you can throw the laptop to the wall, when it is on the swapway to hell for 30min until the guilty application will be killed by kernel. Off course there is no bugfix available since weeks and there is no session without this happening.

Where to place the ulimit command, cause i read on many places that ubuntu has disabled it in several manner. The complete xorg session should get a limit in memory exhaustion, to prevent running in the swapway to hell and protection rom crazy applications. Lots of googling shows very old ideas from ubuntu predecessors that will not work anymore, caused by changes. What is the 12.04 way for ulimit?

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu procps Edit question
Assignee:
No assignee Edit question
Solved by:
EricDHH
Solved:
2012-08-19
Last query:
2012-08-19
Last reply:
2012-08-18
Thomas Krüger (thkrueger) said : #1

At first: Stay calm! Don't hurt the hardware! It's not it's fault.

When the programm locks up, you can try to kill the X session with this key combination: Alt + Print Screen + K. It will crash you back to the login prompt.

You can place limits in /etc/security/limits.cond or also as an seperate file in /etc/security/limits.d/ .

EricDHH (ericdhh) said : #2

Did not work, i found out that pam.limits was commented out in /etc/pam.d/su but that is not enough.

# Sets up user limits, please uncomment and read /etc/security/limits.conf
# to enable this functionality.
# (Replaces the use of /etc/limits in old login)
session required pam_limits.so

Now it is switched on with these lines in limits.conf

eric soft memlock 256000
eric hard memlock 256000
eric hard priority 20

The result after reboot is

eric@areion:~$ ulimit
unlimited

The limits environment seems to be demolished to the base, will ubuntu end in win9 security? Please try this on your system, so we can compare.

Thomas Krüger (thkrueger) said : #3

You have to use "ulimit -a". Wihtout parameter is will always show 'unlimited'.
Setting the limits in /etc/security/limits.conf worked well here.

EricDHH (ericdhh) said : #4

Ah thats it, yes now it is working. Thank you for help