Forge Home


Manage entries in /etc/security/limits.conf


7,412,130 latest version

3.4 quality score

Version information

  • 0.3.1 (latest)
  • 0.3.0
  • 0.2.0
released Dec 19th 2012

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'erwbgy-limits', '0.3.1'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add erwbgy-limits
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install erwbgy-limits --version 0.3.1

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



erwbgy/limits — version 0.3.1 Dec 19th 2012


Puppet module to set entries in /etc/security/limits.conf


The recommended usage is to place the configuration under a limits hash in hiera and just include the limits module in your puppet configuration:

include limits

Example hiera config:

      soft: '2048'
      hard: '8192'
      soft: '20'
      hard: '20'
      soft: '4068'
      hard: '8192'
      hard: '50'

This example creates the following entries in /etc/security/limits.conf:

* nofile soft 2048
* nofile hard 8192
myuser nofile soft 4068
myuser nofile hard 8192
* nproc soft 20
* nproc hard 20
@mygroup nproc hard 50

replacing any existing items in the same domain.

You can also call it as a parameterised class passing in the configuration data as a hash - for example:

class { 'limits':
  config => {
    '*' => {
      'nofile' => {
        soft => '2048',
        hard => '8192',
      'nproc' => {
        soft => '20',
        hard => '20',
    '@mygroup' => {
      'nproc' => {
        hard => '50',
  use_hiera => false,


Each entry title is the domain name - for example '*' for all users, '@wheel' for members of the wheel group, 'root' for the root user etc.

For each domain there is one or more items: one of: 'core', 'data', 'fsize', 'memlock', 'nofile', 'rss', 'stack', 'cpu', 'nproc', 'as', 'maxlogins', 'maxsyslogins', 'priority', 'locks', 'sigpending', 'msqqueue', 'nice', 'rtprio'.

For each item the following parameters are accepted:

  • soft: the item's soft limit. Optional.

  • hard: the item's hard limit. Optional.

See the limits.conf(5) man page for more information.

Implementation based on