##This is the maximum number of unique process identifiers your system can support.
cat /proc/sys/kernel/pid_max
OR
[root@test3sft security]# sysctl kernel.pid_max
kernel.pid_max = 32768
##For completeness, you can change it temporarily by writing to /proc/syskernel/pid_max
OR
permanently by adding the following to /etc/sysctl.conf.
4194303 is the maximum limit for x86_64 and 32767 for x86.
kernel.pid_max = 4194303
[root@test3sft security]# cat /proc/sys/kernel/pid_max
32768
[root@test3sft security]# ls -ltr /proc/sys/kernel/pid_max
-rw-r--r-- 1 root root 0 May 7 14:25 /proc/sys/kernel/pid_max
###/etc/sysctl.conf
[root@test3sft security]# cat /etc/sysctl.conf
[root@test3sft security]# sysctl -a | grep pid
kernel.core_uses_pid = 1
kernel.cad_pid = 1
kernel.pid_max = 32768
##fork bomb testing : https://www.cyberciti.biz/tips/linux-limiting-user-process.html
Save and close the file. Test your new system by dropping a fork bomb:
$ :(){ :|:& };:
##example how /etc/security/limits.conf and /etc/security/limits.d/90-nproc.conf work together
limits.conf was the base, /etc/security/limits.d/90-nproc.conf is on top of it and can't exceed the config in limits.conf
eg 1. In the example below nproc limit is set as 2047 as there is a hard limit of 2047 in limits.conf.
# cat /etc/security/limits.conf | grep nproc | grep -v ^#
test hard nproc 2047
test soft nproc 16384
# cat /etc/security/limits.d/90-nproc.conf | grep nproc | grep -v ^#
* soft nproc 1024
root soft nproc unlimited
test soft nproc 10023
# ulimit -u
2047
eg 2. Here 1066 is used because the last entry is “test soft nproc 1066” and 1066 does not exceed the hard limit.
# cat /etc/security/limits.conf | grep nproc | grep -v ^#
test hard nproc 1001
test soft nproc 16384
# cat /etc/security/limits.d/90-nproc.conf | grep nproc | grep -v ^#