OCM_Session7_5_修改/etc/security/limits.conf和 /etc/pam.d/login和/etc/profile

zoukankan html css js c++ java

OCM_Session7_5_修改/etc/security/limits.conf和 /etc/pam.d/login和/etc/profile
五、修改/etc/security/limits.conf和 /etc/pam.d/login和/etc/profile

这个在OCM环境已经配置好。

参考官方文档：http://docs.oracle.com/cd/B19306_01/install.102/b14203/prelinux.htm
To increase the shell limits:

Add the following lines to the /etc/security/limits.conf file:

oracle              soft    nproc   2047

oracle               hard    nproc   16384

oracle               soft    nofile 1024

oracle               hard    nofile 65536

Add or edit the following line in the /etc/pam.d/login file, if it does not already exist:

session    required     /lib/security/pam_limits.so

Depending on the oracle user's default shell, make the following changes to the default shell startup file:

For the Bourne, Bash, or Korn shell, add the following lines to the /etc/profile file (or the file on SUSE systems)/etc/profile.local:

if [ $USER = "oracle" ]; then

        if [ $SHELL = "/bin/ksh" ]; then

              ulimit -p 16384

              ulimit -n 65536

        else

              ulimit -u 16384 -n 65536

        fi

fi

For the C shell (csh or tcsh), add the following lines to the /etc/csh.login file (or the file on SUSE systems)/etc/csh.login.local:

if ( $USER == "oracle" ) then

        limit maxproc 16384

        limit descriptors 65536

endif

Repeat this procedure on all other nodes in the cluster.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------

我的修改如下：

rac1节点

[root@rac1 ~]# cp /etc/security/limits.conf /etc/security/limits.conf.bak

[root@rac1 ~]# vi /etc/security/limits.conf

# /etc/security/limits.conf

#

#Each line describes a limit for a user in the form:

#

#<domain> <type> <item> <value>

#

#Where:

#<domain> can be:

# - an user name

# - a group name, with @group syntax

# - the wildcard *, for default entry

# - the wildcard %, can be also used with %group syntax,

# for maxlogin limit

#

#<type> can have the two values:

# - "soft" for enforcing the soft limits

# - "hard" for enforcing hard limits

#

#<item> can be one of the following:

# - core - limits the core file size (KB)

# - data - max data size (KB)

# - fsize - maximum filesize (KB)

# - memlock - max locked-in-memory address space (KB)

# - nofile - max number of open files

# - rss - max resident set size (KB)

# - stack - max stack size (KB)

# - cpu - max CPU time (MIN)

# - nproc - max number of processes

# - as - address space limit

# - maxlogins - max number of logins for this user

# - maxsyslogins - max number of logins on the system

# - priority - the priority to run user process with

# - locks - max number of file locks the user can hold

# - sigpending - max number of pending signals

# - msgqueue - max memory used by POSIX message queues (bytes)

# - nice - max nice priority allowed to raise to

# - rtprio - max realtime priority

#

#<domain> <type> <item> <value>

#

#* soft core 0

#* hard rss 10000

#@student hard nproc 20

#@faculty soft nproc 20

#@faculty hard nproc 50

#ftp hard nproc 0

#@student - maxlogins 4

oracle soft nproc 2047

oracle hard nproc 16384

oracle soft nofile 1024

oracle hard nofile 65536

"/etc/security/limits.conf" 58L, 1975C written

[root@rac1 ~]# cp /etc/pam.d/login /etc/pam.d/login.bak

[root@rac1 ~]# vi /etc/pam.d/login

#%PAM-1.0

auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so

auth include system-auth

account required pam_nologin.so

account include system-auth

password include system-auth

# pam_selinux.so close should be the first session rule

session required pam_selinux.so close

session optional pam_keyinit.so force revoke

session required pam_loginuid.so

session include system-auth

session optional pam_console.so

# pam_selinux.so open should only be followed by sessions to be executed in the user context

session required pam_selinux.so open

session required /lib/security/pam_limits.so

~

~

~

~

~

~

~

"/etc/pam.d/login" 15L, 695C written

[root@rac1 ~]#

[root@rac1 ~]# cp /etc/profile /etc/profile.bak

[root@rac1 ~]# vi /etc/profile

# /etc/profile

# System wide environment and startup programs, for login setup

# Functions and aliases go in /etc/bashrc

pathmunge () {

if ! echo $PATH | /bin/egrep -q "(^|:)$1($|:)" ; then

if [ "$2" = "after" ] ; then

PATH=$PATH:$1

else

PATH=$1:$PATH

fi

fi

}

# ksh workaround

if [ -z "$EUID" -a -x /usr/bin/id ]; then

EUID=`id -u`

UID=`id -ru`

fi

# Path manipulation

if [ "$EUID" = "0" ]; then

pathmunge /sbin

pathmunge /usr/sbin

pathmunge /usr/local/sbin

fi

# No core files by default

ulimit -S -c 0 > /dev/null 2>&1

if [ -x /usr/bin/id ]; then

USER="`id -un`"

LOGNAME=$USER

MAIL="/var/spool/mail/$USER"

fi

HOSTNAME=`/bin/hostname`

HISTSIZE=1000

if [ -z "$INPUTRC" -a ! -f "$HOME/.inputrc" ]; then

INPUTRC=/etc/inputrc

fi

export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE INPUTRC

for i in /etc/profile.d/*.sh ; do

if [ -r "$i" ]; then

if [ "$PS1" ]; then

. $i

else

. $i >/dev/null 2>&1

fi

fi

done

unset i

unset pathmunge

if [ $USER = "oracle" ]; then

if [ $SHELL = "/bin/ksh" ]; then

ulimit -p 16384

ulimit -n 65536

else

ulimit -u 16384 -n 65536

fi

fi

"/etc/profile" 74L, 1234C written

[root@rac1 ~]

---------------------------------------------------------------------------------------------------------------------

rac2节点：

[root@rac2 ~]# cp /etc/security/limits.conf /etc/security/limits.conf.bak

[root@rac2 ~]# vi /etc/security/limits.conf

# /etc/security/limits.conf

#

#Each line describes a limit for a user in the form:

#

#<domain> <type> <item> <value>

#

#Where:

#<domain> can be:

# - an user name

# - a group name, with @group syntax

# - the wildcard *, for default entry

# - the wildcard %, can be also used with %group syntax,

# for maxlogin limit

#

#<type> can have the two values:

# - "soft" for enforcing the soft limits

# - "hard" for enforcing hard limits

#

#<item> can be one of the following:

# - core - limits the core file size (KB)

# - data - max data size (KB)

# - fsize - maximum filesize (KB)

# - memlock - max locked-in-memory address space (KB)

# - nofile - max number of open files

# - rss - max resident set size (KB)

# - stack - max stack size (KB)

# - cpu - max CPU time (MIN)

# - nproc - max number of processes

# - as - address space limit

# - maxlogins - max number of logins for this user

# - maxsyslogins - max number of logins on the system

# - priority - the priority to run user process with

# - locks - max number of file locks the user can hold

# - sigpending - max number of pending signals

# - msgqueue - max memory used by POSIX message queues (bytes)

# - nice - max nice priority allowed to raise to

# - rtprio - max realtime priority

#

#<domain> <type> <item> <value>

#

#* soft core 0

#* hard rss 10000

#@student hard nproc 20

#@faculty soft nproc 20

#@faculty hard nproc 50

#ftp hard nproc 0

#@student - maxlogins 4

oracle soft nproc 2047

oracle hard nproc 16384

oracle soft nofile 1024

oracle hard nofile 65536

"/etc/security/limits.conf" 58L, 1975C written

[root@rac2 ~]# cp /etc/pam.d/login /etc/pam.d/login.bak

[root@rac2 ~]# vi /etc/pam.d/login

#%PAM-1.0

auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so

auth include system-auth

account required pam_nologin.so

account include system-auth

password include system-auth

# pam_selinux.so close should be the first session rule

session required pam_selinux.so close

session optional pam_keyinit.so force revoke

session required pam_loginuid.so

session include system-auth

session optional pam_console.so

# pam_selinux.so open should only be followed by sessions to be executed in the user context

session required pam_selinux.so open

session required /lib/security/pam_limits.so

~

~

~

~

~

~

~

"/etc/pam.d/login" 15L, 695C written

[root@rac2 ~]#

[root@rac2 ~]# cp /etc/profile /etc/profile.bak

[root@rac2 ~]# vi /etc/profile

# /etc/profile

# System wide environment and startup programs, for login setup

# Functions and aliases go in /etc/bashrc

pathmunge () {

if ! echo $PATH | /bin/egrep -q "(^|:)$1($|:)" ; then

if [ "$2" = "after" ] ; then

PATH=$PATH:$1

else

PATH=$1:$PATH

fi

fi

}

# ksh workaround

if [ -z "$EUID" -a -x /usr/bin/id ]; then

EUID=`id -u`

UID=`id -ru`

fi

# Path manipulation

if [ "$EUID" = "0" ]; then

pathmunge /sbin

pathmunge /usr/sbin

pathmunge /usr/local/sbin

fi

# No core files by default

ulimit -S -c 0 > /dev/null 2>&1

if [ -x /usr/bin/id ]; then

USER="`id -un`"

LOGNAME=$USER

MAIL="/var/spool/mail/$USER"

fi

HOSTNAME=`/bin/hostname`

HISTSIZE=1000

if [ -z "$INPUTRC" -a ! -f "$HOME/.inputrc" ]; then

INPUTRC=/etc/inputrc

fi

export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE INPUTRC

for i in /etc/profile.d/*.sh ; do

if [ -r "$i" ]; then

if [ "$PS1" ]; then

. $i

else

. $i >/dev/null 2>&1

fi

fi

done

unset i

unset pathmunge

if [ $USER = "oracle" ]; then

if [ $SHELL = "/bin/ksh" ]; then

ulimit -p 16384

ulimit -n 65536

else

ulimit -u 16384 -n 65536

fi

fi

"/etc/profile" 74L, 1234C written

[root@rac2 ~]#

----------------------------------------------------------------------------------------------------------------------------------------------
查看全文

相关阅读:
linux查询php.ini位置
 laravel打印完整SQL语句
 python识别图片中的文字
 python -使用pytesseract识别文字时遇到的问题
 python弹出选择文件的弹出窗获取文件方法
 python将字符串中多个空格换为一个空格
 python生成word文档
 linux下tar命令
 python使用xpath获取内容
 正则表达式匹配空行

原文地址：https://www.cnblogs.com/hzcya1995/p/13315881.html