GETRLIMIT(2)               Linux Programmer's Manual              GETRLIMIT(2)

       getrlimit, setrlimit, prlimit - get/set resource limits

       #include <sys/time.h>
       #include <sys/resource.h>

       int getrlimit(int resource, struct rlimit *rlim);
       int setrlimit(int resource, const struct rlimit *rlim);

       int prlimit(pid_t pid, int resource, const struct rlimit *new_limit,
                   struct rlimit *old_limit);

   Feature Test Macro Requirements for glibc (see feature_test_macros(7)):

       prlimit(): _GNU_SOURCE

       The  getrlimit() and setrlimit() system calls get and set resource lim-
       its respectively.  Each resource has an associated soft and hard limit,
       as defined by the rlimit structure:

           struct rlimit {
               rlim_t rlim_cur;  /* Soft limit */
               rlim_t rlim_max;  /* Hard limit (ceiling for rlim_cur) */

       The  soft  limit  is  the value that the kernel enforces for the corre-
       sponding resource.  The hard limit acts  as  a  ceiling  for  the  soft
       limit:  an  unprivileged process may set only its soft limit to a value
       in the range from 0 up to the hard limit, and (irreversibly) lower  its
       hard   limit.    A  privileged  process  (under  Linux:  one  with  the
       CAP_SYS_RESOURCE capability) may make arbitrary changes to either limit

       The  value  RLIM_INFINITY  denotes  no limit on a resource (both in the
       structure returned by getrlimit() and in the structure passed to  setr-

       The resource argument must be one of:

              The maximum size of the process's virtual memory (address space)
              in bytes.  This limit affects  calls  to  brk(2),  mmap(2),  and
              mremap(2),  which fail with the error ENOMEM upon exceeding this
              limit.  Also automatic stack expansion will fail (and generate a
              SIGSEGV  that  kills  the process if no alternate stack has been
              made available via sigaltstack(2)).  Since the value is a  long,
              on  machines  with  a 32-bit long either this limit is at most 2
              GiB, or this resource is unlimited.

              Maximum size of a core file (see core(5)).  When 0 no core  dump
              files  are created.  When nonzero, larger dumps are truncated to
              this size.

              CPU time limit in seconds.  When the process  reaches  the  soft
              limit, it is sent a SIGXCPU signal.  The default action for this
              signal is to terminate the process.  However, the signal can  be
              caught,  and the handler can return control to the main program.
              If the process continues to consume CPU time, it  will  be  sent
              SIGXCPU  once  per  second  until  the hard limit is reached, at
              which time it is sent SIGKILL.   (This  latter  point  describes
              Linux  behavior.   Implementations  vary  in how they treat pro-
              cesses which continue to consume CPU  time  after  reaching  the
              soft  limit.  Portable applications that need to catch this sig-
              nal should perform an orderly termination upon first receipt  of

              The  maximum  size  of  the  process's data segment (initialized
              data, uninitialized data, and heap).  This limit  affects  calls
              to  brk(2)  and  sbrk(2),  which fail with the error ENOMEM upon
              encountering the soft limit of this resource.

              The maximum size of files that the process may create.  Attempts
              to  extend  a  file  beyond  this  limit result in delivery of a
              SIGXFSZ signal.  By default, this signal terminates  a  process,
              but  a  process can catch this signal instead, in which case the
              relevant system call (e.g., write(2),  truncate(2))  fails  with
              the error EFBIG.

       RLIMIT_LOCKS (Early Linux 2.4 only)
              A  limit  on  the combined number of flock(2) locks and fcntl(2)
              leases that this process may establish.

              The maximum number of bytes of memory that may  be  locked  into
              RAM.  In effect this limit is rounded down to the nearest multi-
              ple of the system page size.  This limit  affects  mlock(2)  and
              mlockall(2)  and  the mmap(2) MAP_LOCKED operation.  Since Linux
              2.6.9 it also affects the shmctl(2) SHM_LOCK operation, where it
              sets a maximum on the total bytes in shared memory segments (see
              shmget(2)) that may be locked by the real user ID of the calling
              process.   The  shmctl(2) SHM_LOCK locks are accounted for sepa-
              rately  from  the  per-process  memory  locks   established   by
              mlock(2),  mlockall(2),  and  mmap(2)  MAP_LOCKED; a process can
              lock bytes up to this limit in each of these two categories.  In
              Linux  kernels before 2.6.9, this limit controlled the amount of
              memory that could be locked  by  a  privileged  process.   Since
              Linux 2.6.9, no limits are placed on the amount of memory that a
              privileged process may lock, and this limit instead governs  the
              amount of memory that an unprivileged process may lock.

       RLIMIT_MSGQUEUE (since Linux 2.6.8)
              Specifies the limit on the number of bytes that can be allocated
              for POSIX message queues for the real user  ID  of  the  calling
              process.   This  limit is enforced for mq_open(3).  Each message
              queue that the user creates counts (until it is removed) against
              this limit according to the formula:

                  Since Linux 3.5:
                      bytes = attr.mq_maxmsg * sizeof(struct msg_msg) +
                              min(attr.mq_maxmsg, MQ_PRIO_MAX) *
                                    sizeof(struct posix_msg_tree_node)+
                                              /* For overhead */
                              attr.mq_maxmsg * attr.mq_msgsize;
                                              /* For message data */

                  Linux 3.4 and earlier:
                      bytes = attr.mq_maxmsg * sizeof(struct msg_msg *) +
                                              /* For overhead */
                              attr.mq_maxmsg * attr.mq_msgsize;
                                              /* For message data */

              where  attr  is  the  mq_attr  structure specified as the fourth
              argument to mq_open(3), and the msg_msg and  posix_msg_tree_node
              structures are kernel-internal structures.

              The "overhead" addend in the formula accounts for overhead bytes
              required by the implementation and ensures that the user  cannot
              create  an  unlimited  number of zero-length messages (such mes-
              sages nevertheless each consume some system memory for bookkeep-
              ing overhead).

       RLIMIT_NICE (since Linux 2.6.12, but see BUGS below)
              Specifies  a  ceiling  to  which the process's nice value can be
              raised using setpriority(2) or nice(2).  The actual ceiling  for
              the  nice  value is calculated as 20 - rlim_cur.  (This strange-
              ness occurs because negative  numbers  cannot  be  specified  as
              resource  limit  values, since they typically have special mean-
              ings.  For example, RLIM_INFINITY typically is the same as -1.)

              Specifies a value one greater than the maximum  file  descriptor
              number  that  can be opened by this process.  Attempts (open(2),
              pipe(2), dup(2), etc.)  to exceed this  limit  yield  the  error
              EMFILE.   (Historically,  this  limit  was named RLIMIT_OFILE on

              The maximum number of processes (or, more  precisely  on  Linux,
              threads) that can be created for the real user ID of the calling
              process.  Upon encountering this limit, fork(2) fails  with  the
              error  EAGAIN.   This  limit  is not enforced for processes that
              have either the CAP_SYS_ADMIN or the  CAP_SYS_RESOURCE  capabil-

              Specifies  the  limit  (in  bytes) of the process's resident set
              (the number of virtual pages resident in RAM).  This  limit  has
              effect only in Linux 2.4.x, x < 30, and there affects only calls
              to madvise(2) specifying MADV_WILLNEED.

       RLIMIT_RTPRIO (since Linux 2.6.12, but see BUGS)
              Specifies a ceiling on the real-time priority that  may  be  set
              for  this  process  using  sched_setscheduler(2)  and sched_set-

       RLIMIT_RTTIME (since Linux 2.6.25)
              Specifies a limit (in microseconds) on the amount  of  CPU  time
              that a process scheduled under a real-time scheduling policy may
              consume without making a blocking system call.  For the  purpose
              of this limit, each time a process makes a blocking system call,
              the count of its consumed CPU time is reset to  zero.   The  CPU
              time  count  is not reset if the process continues trying to use
              the CPU but is preempted, its time slice expires,  or  it  calls

              Upon reaching the soft limit, the process is sent a SIGXCPU sig-
              nal.  If the process catches or ignores this signal and  contin-
              ues consuming CPU time, then SIGXCPU will be generated once each
              second until the hard limit  is  reached,  at  which  point  the
              process is sent a SIGKILL signal.

              The  intended  use  of this limit is to stop a runaway real-time
              process from locking up the system.

       RLIMIT_SIGPENDING (since Linux 2.6.8)
              Specifies the limit on the number of signals that may be  queued
              for  the real user ID of the calling process.  Both standard and
              real-time signals are counted for the purpose of  checking  this
              limit.   However, the limit is enforced only for sigqueue(3); it
              is always possible to use kill(2) to queue one instance  of  any
              of the signals that are not already queued to the process.

              The  maximum size of the process stack, in bytes.  Upon reaching
              this limit, a SIGSEGV signal is generated.  To handle this  sig-
              nal,  a  process  must employ an alternate signal stack (sigalt-

              Since Linux 2.6.23, this limit also  determines  the  amount  of
              space used for the process's command-line arguments and environ-
              ment variables; for details, see execve(2).

       The Linux-specific prlimit() system call combines and extends the func-
       tionality  of  setrlimit() and getrlimit().  It can be used to both set
       and get the resource limits of an arbitrary process.

       The resource argument has the same meaning as for setrlimit() and getr-

       If  the  new_limit argument is a not NULL, then the rlimit structure to
       which it points is used to set new values for the soft and hard  limits
       for resource.  If the old_limit argument is a not NULL, then a success-
       ful call to prlimit() places the previous  soft  and  hard  limits  for
       resource in the rlimit structure pointed to by old_limit.

       The  pid  argument specifies the ID of the process on which the call is
       to operate.  If pid is 0, then the call applies to the calling process.
       To  set or get the resources of a process other than itself, the caller
       must have the CAP_SYS_RESOURCE capability, or the real, effective,  and
       saved set user IDs of the target process must match the real user ID of
       the caller and the real, effective, and saved set group IDs of the tar-
       get process must match the real group ID of the caller.

       On success, these system calls return 0.  On error, -1 is returned, and
       errno is set appropriately.

       EFAULT A pointer argument points to a location outside  the  accessible
              address space.

       EINVAL The  value  specified  in  resource  is not valid; or, for setr-
              limit()  or   prlimit():   rlim->rlim_cur   was   greater   than

       EPERM  An  unprivileged  process  tried  to  raise  the hard limit; the
              CAP_SYS_RESOURCE capability is required to do this.

       EPERM  The caller tried to increase the hard RLIMIT_NOFILE limit  above
              the maximum defined by /proc/sys/fs/nr_open (see proc(5))

       EPERM  (prlimit())  The  calling process did not have permission to set
              limits for the process specified by pid.

       ESRCH  Could not find a process with the ID specified in pid.

       The prlimit() system call is available  since  Linux  2.6.36.   Library
       support is available since glibc 2.13.

       For   an   explanation   of   the  terms  used  in  this  section,  see

       |Interface                           | Attribute     | Value   |
       |getrlimit(), setrlimit(), prlimit() | Thread safety | MT-Safe |

       getrlimit(), setrlimit(): POSIX.1-2001, POSIX.1-2008, SVr4, 4.3BSD.
       prlimit(): Linux-specific.

       RLIMIT_MEMLOCK and RLIMIT_NPROC derive from BSD and are  not  specified
       in  POSIX.1;  they  are present on the BSDs and Linux, but on few other
       implementations.  RLIMIT_RSS derives from BSD and is not  specified  in
       POSIX.1;   it   is   nevertheless   present  on  most  implementations.
       RLIMIT_SIGPENDING are Linux-specific.

       A child process created via fork(2) inherits its parent's resource lim-
       its.  Resource limits are preserved across execve(2).

       Lowering the soft limit for a resource below the process's current con-
       sumption  of  that  resource will succeed (but will prevent the process
       from further increasing its consumption of the resource).

       One can set the resource limits of the shell using the built-in  ulimit
       command  (limit  in csh(1)).  The shell's resource limits are inherited
       by the processes that it creates to execute commands.

       Since Linux 2.6.24, the resource limits of any process can be inspected
       via /proc/[pid]/limits; see proc(5).

       Ancient  systems provided a vlimit() function with a similar purpose to
       setrlimit().  For backward compatibility, glibc also provides vlimit().
       All new applications should be written using setrlimit().

   C library/ kernel ABI differences
       Since version 2.13, the glibc getrlimit() and setrlimit() wrapper func-
       tions no longer invoke the  corresponding  system  calls,  but  instead
       employ prlimit(), for the reasons described in BUGS.

       The  name  of  the  glibc wrapper function is prlimit(); the underlying
       system call is call prlimit64 ().

       In older Linux kernels, the SIGXCPU and SIGKILL signals delivered  when
       a  process  encountered the soft and hard RLIMIT_CPU limits were deliv-
       ered one (CPU) second later than they should have been.  This was fixed
       in kernel 2.6.8.

       In  2.6.x  kernels  before  2.6.17,  a RLIMIT_CPU limit of 0 is wrongly
       treated as "no limit" (like RLIM_INFINITY).  Since Linux  2.6.17,  set-
       ting  a  limit  of  0 does have an effect, but is actually treated as a
       limit of 1 second.

       A kernel bug means that RLIMIT_RTPRIO does not work in  kernel  2.6.12;
       the problem is fixed in kernel 2.6.13.

       In kernel 2.6.12, there was an off-by-one mismatch between the priority
       ranges returned by getpriority(2) and RLIMIT_NICE.  This had the effect
       that   the  actual  ceiling  for  the  nice  value  was  calculated  as
       19 - rlim_cur.  This was fixed in kernel 2.6.13.

       Since Linux 2.6.12, if a process reaches its soft RLIMIT_CPU limit  and
       has  a handler installed for SIGXCPU, then, in addition to invoking the
       signal handler, the kernel increases the  soft  limit  by  one  second.
       This  behavior  repeats  if  the process continues to consume CPU time,
       until the hard limit is reached, at which point the process is  killed.
       Other  implementations  do not change the RLIMIT_CPU soft limit in this
       manner, and the Linux behavior is probably  not  standards  conformant;
       portable  applications  should  avoid  relying  on  this Linux-specific
       behavior.  The Linux-specific RLIMIT_RTTIME  limit  exhibits  the  same
       behavior when the soft limit is encountered.

       Kernels before 2.4.22 did not diagnose the error EINVAL for setrlimit()
       when rlim->rlim_cur was greater than rlim->rlim_max.

   Representation of "large" resource limit values on 32-bit platforms
       The glibc getrlimit() and setrlimit() wrapper functions  use  a  64-bit
       rlim_t  data  type, even on 32-bit platforms.  However, the rlim_t data
       type used in the getrlimit() and setrlimit() system calls is a (32-bit)
       unsigned  long.  Furthermore, in Linux versions before 2.6.36, the ker-
       nel represents resource limits on 32-bit platforms  as  unsigned  long.
       However,  a  32-bit  data  type is not wide enough.  The most pertinent
       limit here is RLIMIT_FSIZE, which specifies the maximum size to which a
       file  can  grow:  to  be useful, this limit must be represented using a
       type that is as wide as the type used to represent  file  offsets--that
       is,  as  wide  as  a  64-bit  off_t  (assuming  a program compiled with

       To work around this kernel limitation, if a  program  tried  to  set  a
       resource  limit  to  a value larger than can be represented in a 32-bit
       unsigned long, then the glibc  setrlimit()  wrapper  function  silently
       converted  the  limit  value  to  RLIM_INFINITY.   In  other words, the
       requested resource limit setting was silently ignored.

       This problem was addressed in Linux 2.6.36 with two principal changes:

       *  the addition of a new kernel representation of resource limits  that
          uses 64 bits, even on 32-bit platforms;

       *  the addition of the prlimit() system call, which employs 64-bit val-
          ues for its resource limit arguments.

       Since version 2.13, glibc works around the  limitations  of  the  getr-
       limit()  and  setrlimit()  system calls by implementing setrlimit() and
       getrlimit() as wrapper functions that call prlimit().

       The program below demonstrates the use of prlimit().

       #define _GNU_SOURCE
       #define _FILE_OFFSET_BITS 64
       #include <stdio.h>
       #include <time.h>
       #include <stdlib.h>
       #include <unistd.h>
       #include <sys/resource.h>

       #define errExit(msg)                                do { perror(msg); exit(EXIT_FAILURE); \
                               } while (0)

       main(int argc, char *argv[])
           struct rlimit old, new;
           struct rlimit *newp;
           pid_t pid;

           if (!(argc == 2 || argc == 4)) {
               fprintf(stderr, "Usage: %s <pid> [<new-soft-limit> "
                       "<new-hard-limit>]\n", argv[0]);


           pid = atoi(argv[1]);        /* PID of target process */

           newp = NULL;
           if (argc == 4) {
               new.rlim_cur = atoi(argv[2]);
               new.rlim_max = atoi(argv[3]);
               newp = &new;

           /* Set CPU time limit of target process; retrieve and display
              previous limit */

           if (prlimit(pid, RLIMIT_CPU, newp, &old) == -1)
           printf("Previous limits: soft=%lld; hard=%lld\n",
                   (long long) old.rlim_cur, (long long) old.rlim_max);

           /* Retrieve and display new CPU time limit */

           if (prlimit(pid, RLIMIT_CPU, NULL, &old) == -1)
           printf("New limits: soft=%lld; hard=%lld\n",
                   (long long) old.rlim_cur, (long long) old.rlim_max);


       prlimit(1), dup(2), fcntl(2), fork(2), getrusage(2), mlock(2), mmap(2),
       open(2),   quotactl(2),  sbrk(2),  shmctl(2),  malloc(3),  sigqueue(3),
       ulimit(3), core(5), capabilities(7), signal(7)

       This page is part of release 4.04 of the Linux  man-pages  project.   A
       description  of  the project, information about reporting bugs, and the
       latest    version    of    this    page,    can     be     found     at

Linux                             2015-12-28                      GETRLIMIT(2)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2021 Hurricane Electric. All Rights Reserved.