000038069 - What are the recommended ulimit settings in /etc/security/limits.conf for use with RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Oct 18, 2019
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000038069
Applies ToRSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 6.9.1, 7.x
IssueThis RSA Knowledge Base Article describes the recommended ulimit settings in /etc/security/limits.conf for use with RSA Identity Governance & Lifecycle and how to define these settings.
ResolutionThe recommended ulimit settings in /etc/security/limits.conf for use with RSA Identity Governance & Lifecycle are:
  • Open file descriptors, soft nofile at least 16384, hard nofile at least 65536.
  • Number of processes available to a single user, soft nproc at least 2047, hard nproc at least 16384.
  • Size of the stack segment of the process stack, soft stack at least 10240, hard stack at least 32768.
To check resource limits, log in as user oracle and run these commands:

  1. Check the soft and hard limits for the open file descriptor setting for user oracle. Ensure that the result is in the recommended range. For example:


$ ulimit -Sn
16384
$ ulimit -Hn
65536


  1. Check the soft and hard limits for the number of processes available to user oracle. Ensure that the result is in the recommended range. For example:


$ ulimit -Su
16384
$ ulimit -Hu
16384


  1. Check the soft and hard limits for the stack setting for user oracle. Ensure that the result is in the recommended range. For example:


$ ulimit -Ss
10240
$ ulimit -Hs
32768


 To modify these settings, log in as user root and

  1. Edit /etc/security/limits.conf


cd /etc/security
vi limits.conf


  1. Add these lines to the bottom of the file. These entries need to be defined for the oracle user.


oracle soft nofile 16384
oracle hard nofile 65536
oracle soft nproc 16384
oracle hard nproc 16384
oracle soft stack 10240
oracle hard stack 32768


The new values will take effect immediately. No application or system restart is required.

Attachments

    Outcomes