Limits configuration - file /etc/security/limits.conf and others

The LimitsConf class parser, which provides a ‘rules’ list that is similar to the above but also provides a find_all method to find all the rules that match a given set of criteria and other properties that make it easier to use the contents of the parser.

class insights.parsers.limits_conf.LimitsConf(context)[source]

Bases: Parser

Parse the /etc/security/limits.conf and files in /etc/security/limits.d.

This parser reads the files and records the domain, type, item and value for each line. This is available as a big list of dictionaries in the ‘items’ property. Each item also contains the ‘file’ key, which denotes the file that this rule was read from.

Lines with too few or too many parts, or with misspellings in the value such as ‘unlimitied’, are stored in a bad_lines list property.

Use the find_all method to find all the the limits that apply in a particular situation. Parameters are supplied as arguments - for example, find_all(domain='root') will find all rules that apply to root (including wildcard rules). These rules are sorted by domain, type and item, and the most specific rule is used.


all unparseable, non-comment lines found in order.




all the domains found, in alphabetical order.




a list of dictionares with the domain, type, item, value and file of each rule.



Sample input:

# Default limit for number of user's processes to prevent
# accidental fork bombs.
# See rhbz #432903 for reasoning.

*          soft    nproc     4096
root       soft    nproc     unlimited


>>> limits = shared[LimitsConf][0] # At the moment this is per filename
>>> len(limits.rules)
['*', 'root']
>>> limits.rules[0] # note value is integer
{'domain': '*', 'type': 'soft', 'item': 'nproc', 'value': 4096, 'file': '/etc/security/limits.d/20-nproc.conf'}
>>> limits.find_all(domain='root')
[{'domain': '*', 'type': 'soft', 'item': 'nproc', 'value': 4096, 'file': '/etc/security/limits.d/20-nproc.conf'},
 {'domain': 'root', 'type': 'soft', 'item': 'nproc', 'value': 4096, 'file': '/etc/security/limits.d/20-nproc.conf'}]
>>> limits.find_all(item='data')

Find all the rules that match the given parameters.

The three parameters that can be searched for are ‘domain’, ‘type’ and ‘item’. These are used as argument names in the keyword argument list. If no parameters are given, no matches are returned.


This method must be implemented by classes based on this class.