Documentation
  • Docs »
  • pam_limits - Modify Linux PAM limits

pam_limits - Modify Linux PAM limits

New in version 2.0.

Synopsis

  • The pam_limits module modify PAM limits, default in /etc/security/limits.conf. For the full documentation, see man limits.conf(5).

Parameters

Parameter Choices/Defaults Comments
backup
bool
    Choices:
  • no ←
  • yes
Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
comment Default:
""
Comment associated with the limit.
dest Default:
"/etc/security/limits.conf"
Modify the limits.conf path.
domain
required
A username, @groupname, wildcard, uid/gid range.
limit_item
required
    Choices:
  • core
  • data
  • fsize
  • memlock
  • nofile
  • rss
  • stack
  • cpu
  • nproc
  • as
  • maxlogins
  • maxsyslogins
  • priority
  • locks
  • sigpending
  • msgqueue
  • nice
  • rtprio
  • chroot
The limit to be set
limit_type
required
    Choices:
  • hard
  • soft
  • -
Limit type, see man limits for an explanation
use_max
bool
    Choices:
  • no ←
  • yes
If set to yes, the maximal value will be used or conserved. If the specified value is superior to the value in the file, file content is replaced with the new value, else content is not modified.
use_min
bool
    Choices:
  • no ←
  • yes
If set to yes, the minimal value will be used or conserved. If the specified value is inferior to the value in the file, file content is replaced with the new value, else content is not modified.
value
required
The value of the limit.

Notes

Note

  • If dest file doesn’t exists, it is created.

Examples

# Add or modify nofile soft limit for the user joe
- pam_limits:
    domain: joe
    limit_type: soft
    limit_item: nofile
    value: 64000

# Add or modify fsize hard limit for the user smith. Keep or set the maximal value.
- pam_limits:
    domain: smith
    limit_type: hard
    limit_item: fsize
    value: 1000000
    use_max: yes

# Add or modify memlock, both soft and hard, limit for the user james with a comment.
- pam_limits:
    domain: james
    limit_type: '-'
    limit_item: memlock
    value: unlimited
    comment: unlimited memory lock for james

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance

This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Community, see here.

Author

  • Sebastien Rohaut (@usawa)

Hint

If you notice any issues in this documentation you can edit this document to improve it.