limits

Manage user limits via puppet

Steffen Zieger

saz

6,433,822 downloads

46,293 latest version

5.0 quality score

Version information

  • 3.0.4 (latest)
  • 3.0.3
  • 3.0.2
  • 3.0.1
  • 2.5.0
  • 2.3.0
  • 2.2.2
  • 2.1.0
  • 2.0.2
  • 2.0.1
  • 2.0.0
  • 1.0.0
released Oct 28th 2019
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.0.0 < 7.0.0
  • RedHat, Amazon, CentOS, Debian, Ubuntu, Gentoo, Suse

Start using this module

Documentation

saz/limits — version 3.0.4 Oct 28th 2019

puppet-limits Build Status

Manage user and group limits via Puppet

This module manages the limits of the PAM module pam_limits.

It creates files in /etc/security/limits.d and does not manage the file /etc/security/limits.conf

How to use

Set limits using title pattern:

    limits::limits{'*/nofile':
      hard => 1048576,
      soft => 1048576,
    }
    limits::limits{'root/nofile': both => 1048576; }

Parameters

  • purge_limits_d_dir (Boolean, default: true) Whether or not to purge the limits.d directory
  • manage_limits_d_dir (Boolean, default: true) Whether or not to manage the limits.d directory
  • limits_dir: (String) The location of the limits.d directory
  • entries: (Hash) A hash of limits entries, keys should be the name and the value as a hash made up of;
    • ensure: (String, default present) Values can be absent or present
    • user: (String) The user that the limit applies to
    • limit_type (String) The limit type
    • hard: (Integer) the hard value
    • soft: (Integer) the soft value
    • both: (Integer) the value of both soft and hard

Using hiera

Puppet:

    include ::limits

Hiera:

    limits::entries:
      'root/nofile':
        both: 1048576
      '*/memlock':
        both: unlimited

Compatibility

Puppet 4.9+

This module is compatible with Puppet 4.9+, and Puppet 5.0+

Puppet 4.0 - 4.8

To use this module with previous versions of Puppet 4 (prior to Hiera 5) you should update your Hiera data to include the following

---
limits::limits_dir: /etc/security/limits.d

lookup_options:
  limits::entries:
    merge: deep

Purge limits.d directory

The class limits will purge the limits.d directory by default. You can explicit change this with the parameter purge_limits_d_dir

    class { 'limits': }

    limits::limits { 'username_nofile':
      ensure     => present,
      user       => 'username',
      limit_type => 'nofile',
      hard       => 16384,
      soft       => 16384,
    }

Do NOT purge limits.d directory explicitly

    class { 'limits':
      purge_limits_d_dir => false,
    }

    limits::limits { 'username_nofile':
      ensure     => present,
      user       => 'username',
      limit_type => 'nofile',
      hard       => 16384,
    }

Set both limit types in one line

    limits::limits { 'username_nofile':
      ensure     => present,
      user       => 'username',
      limit_type => 'nofile',
      both       => 16384,
    }

One of hard, soft or both must be set!

Do not manage /etc/security/limits.d

In an effort to make this module compatible with similar modules, e.g. puppet-module-pam, management of /etc/security/limits.d can be disabled by the manage_limits_d_dir class parameter:

class { 'limits':
  manage_limits_d_dir => false,
}