Securing-Optimizing-RH-Linux-1_2_71
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca
© Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ®
71
The file-max file /proc/sys/fs/file-max set the maximum number of file-handles that the Linux
kernel will allocate. We generally tune this file to improve the number of open files by increasing
the value of /proc/sys/fs/file-max to something reasonable like 256 for every 4M of RAM we
have: i.e. for a machine with 128 MB of RAM, set it to 8192 (128/4=32 32*256=8192).
·
To adjust the value of file-max to 128 MB of RAM, type the following on your terminal:
[root@deep /]# echo "8192" >/proc/sys/fs/file-max
NOTE: When you regularly receive from your server, a lot of messages with errors about running
out of open files, you might want to raise this limit. The default value is 4096. A file server or web
server needs a lot of open files.
Add the above commands to the /etc/rc.d/rc.local script file and youll not have to type it again
the next time your server reboots.
7. The inode-max parameter
The inode-max file /proc/sys/fs/inode-max set the maximum number of inodes handlers. We
generally tune this file to improve the number of inodes opened by increasing the
/proc/sys/fs/inode-max to a value roughly 3 to 4 times (8192*4=32768) the number of opened
files we have set to the file-max parameter above. This is because the number of opened
inodes is at least one per open file, and often much larger for large files.
·
To adjust the value of inode-max to 128 MB of RAM, type the following on your terminal:
[root@deep /]# echo "32768" >/proc/sys/fs/inode-max
NOTE: If you regularly run out of inodes, you should increase this value. Dont forget that the value
you enter for the inode-max parameter depends of the file-max value. A file server or web
server needs a lot of opened inodes.
Add the above commands to the /etc/rc.d/rc.local script file and youll not have to type it again
the next time your server reboots.
8. The ulimit parameter
Linux itself has a "Max Processes" per user limit. This feature allows us to control the number of
processes an existing user on the server may be authorized to have. To improve performance,
we can safety set the limit of process the super-user root may have to be unlimited.
Edit the .bashrc file (vi /root/.bashrc) and add the following line:
ulimit -u unlimited
You must exit and re-login from your terminal for the change to take effect. To verify that you are
ready to go, make sure that when you type as root the command ulimit -a on your terminal, it
shows "unlimited" next to max user processes.
[root@deep /]# ulimit -a
core file size (blocks)
1000000
data seg size (kbytes)
unlimited
file size (blocks)
unlimited
max memory size (kbytes)
unlimited
stack size (kbytes)
8192