What does “soft/hard nofile” mean on Linux

Question

When I tried to install a software on RedHat EL5, I got the error that the expected value of soft/hard nofile is 4096 while the default is 1024. I managed to increase the number

Answer 1

These are: a 'soft' and a 'hard' limit for number of files a process may have opened at a time. Both limit the same resource (no relation to hard links or anything). The difference is: the soft limit may be changed later, up to the hard limit value, by the process running with these limits and hard limit can only be lowered – the process cannot assign itself more resources by increasing the hard limit (except processes running with superuser privileges (as root)).

Similar limits can be set for other system resources: system memory, CPU time, etc. See the setrlimit(2) manual page or the description of your shell's ulimit build-in command (e.g. in the bash(1) manual page.

Answer 2

As an additional aside, some distros include /etc/security/limits.d where "snippets" of limit configurations can be placed. You can create files such as this:

$ ll /etc/security/limits.d/
-rw-r--r--. 1 root root 191 Aug 18 10:26 90-nproc.conf
-rw-r--r--  1 root root  70 Sep 29 12:54 90-was-filedesc.conf

With files containing whatever limits you want to set:

$ more /etc/security/limits.d/90-nproc.conf
# Default limit for number of user's processes to prevent
# accidental fork bombs.
# See rhbz #432903 for reasoning.

*          soft    nproc     1024
root       soft    nproc     unlimited

$ more /etc/security/limits.d/90-was-filedesc.conf
root       hard    nofile    20000

I find using this method to manage these types of overrides much cleaner than mucking with /etc/security/limits.conf.

Also if you want to set both soft/hard to the same value you can use the - as the type.

$ more /etc/security/limits.d/90-was-filedesc.conf
root       -       nofile    20000

Answer 3

No reboot is required, but /etc/security/limits.conf is only processed when /lib/security/pam_limits.so runs, which is at login time, and the values are inherited by child processes. After a new login, anything under that login will inherit the values specified.