Version information
released Oct 28th 2024
This version is compatible with:
- Puppet Enterprise 2025.3.x, 2025.2.x, 2025.1.x, 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x
- Puppet >= 7.0.0 < 9.0.0
- RedHat, Amazon,CentOS,Debian,Ubuntu, Gentoo, Suse
Start using this module
Add this module to your Puppetfile:
mod 'saz-limits', '5.0.0'Learn more about managing modules with a PuppetfileDocumentation
saz/limits — version 5.0.0 Oct 28th 2024
puppet-limits 
Manage user and group limits via Puppet
This module manages the limits of the PAM module pam_limits.
It creates files in /etc/security/limits.d and optionally manages the file /etc/security/limits.conf
How to use
Set limits using title pattern:
limits::limits{'*/nofile':
hard => 1048576,
soft => 1048576,
}
limits::limits{'root/nofile': both => 1048576; }
Parameters
purge_limits_d_dir(Boolean, default: true) Whether or not to purge the limits.d directorymanage_limits_d_dir(Boolean, default: true) Whether or not to manage the limits.d directorymanage_limits_file(Boolean, default: false) Whether or not to manage the /etc/security/limits.conf file.limits_file(String, default: /etc/security/limits.conf) The name of the limits file to be managed.limits_dir: (String) The location of the limits.d directorylimits_file_owner: (String, default: root) The owner of the ${limits_file} file.limits_file_group: (String, default: root) The group of the ${limits_file} file.limits_file_mode: (String, defaul: '0644') The file mode of the ${limits_file} file.entries: (Hash) A hash of limits entries, keys should be the name and the value as a hash made up of;ensure: (String, default present) Values can be absent or presentuser: (String) The user that the limit applies tolimit_type(String) The limit typehard: (Integer) the hard valuesoft: (Integer) the soft valueboth: (Integer) the value of both soft and hardtarget: (String) Optional name of file inlimits_dirto set limit settings to. Will ignore other file naming logic when provided.
Using hiera
Puppet:
include ::limits
Hiera:
limits::entries:
'root/nofile':
both: 1048576
'*/memlock':
both: unlimited
Compatibility
Puppet 4.9+
This module is compatible with Puppet 4.9+, and Puppet 5.0+
Puppet 4.0 - 4.8
To use this module with previous versions of Puppet 4 (prior to Hiera 5) you should update your Hiera data to include the following
---
limits::limits_dir: /etc/security/limits.d
lookup_options:
limits::entries:
merge: deep
Purge limits.d directory
The class limits will purge the limits.d directory by default.
You can explicit change this with the parameter purge_limits_d_dir
class { 'limits': }
limits::limits { 'username_nofile':
ensure => present,
user => 'username',
limit_type => 'nofile',
hard => 16384,
soft => 16384,
}
Do NOT purge limits.d directory explicitly
class { 'limits':
purge_limits_d_dir => false,
}
limits::limits { 'username_nofile':
ensure => present,
user => 'username',
limit_type => 'nofile',
hard => 16384,
}
Set both limit types in one line
limits::limits { 'username_nofile':
ensure => present,
user => 'username',
limit_type => 'nofile',
both => 16384,
}
One of hard, soft or both must be set!
Do not manage /etc/security/limits.d
In an effort to make this module compatible with similar modules, e.g.
puppet-module-pam, management
of /etc/security/limits.d can be disabled by the manage_limits_d_dir class parameter:
class { 'limits':
manage_limits_d_dir => false,
}
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
[5.0.0]
Changed
- little code modernization (#57)
- Fix limits_template on Debian (#59)
- drop some EOL operating system releases (#58) => Debian 10, CentOS 7/8, RedHat 7
[4.0.1]
Changed
- drop explicit version requirements in .fixtures.yml (#54)
[4.0.0]
Added
- add empty template, fixes #47 (#52)
- Add the management of limits.conf file. (#44)
- Allow managing multiple settings in one file (#45)
- Allow Puppet 8 (#51)
- Add Ubuntu 24.04 and Debian 12 as supported OS (#51)
Changed
- allow puppetlabs/concat < 10 (#51)
Fixed
- Add line end character for top comment and use proper matchers for acceptance tests (#49)
Removed
- remove Debian 9 as supported OS
- drop Puppet 6 support (#51)
- remove Ubuntu 18.04 as supported OS (#51)
[3.1.0]
Changed
- Update Puppet version requirement to include version 7 (< 8.0.0) (#40)
- Switch to GitHub Actions and add basic acceptance tests (#41)
- Use hiera for default values (#37)
[3.0.4]
Added
- CHANGELOG.md added
Changed
- Update Puppet version requirement to include version 6 (< 7.0.0)
Dependencies
- puppetlabs/stdlib (>= 9.0.0 < 10.0.0)
- puppetlabs/concat (>= 7.3.0 < 10.0.0)
Copyright 2011 Steffen Zieger
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.