Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

limits (3) Versions 2.0.0

Configures limits for the pam_limits module

Berkshelf
Policyfile
Knife
cookbook 'limits', '~> 2.0.0'
cookbook 'limits', '~> 2.0.0', :supermarket
knife supermarket install limits
knife supermarket download limits
README
Dependencies
Changelog
Quality 63%

Limits Cookbook

This cookbook is used to configure limits for the pam_limits module. By default, the configuration file is located at /etc/security/limits.conf. It can also configure limits in any arbitrary path such as files in the directory /etc/security/limit.d. It is available on the Chef Supermarket or GitHub.

Usage

This cookbook does not provide any recipes. Instead, it should be added as a dependency of another cookbook. This will make the custom resources provided by the limits cookbook available to be used in another cookbook's recipes.

Here is an example of managing the system's limit.conf file, adding two limits, managing a limits.d file, deleting any manually-added limits, and adding one limit:

# System limits.conf example

limits_file '/etc/security/limits.conf' do
  action :create
end

limit 'example-1' do
  domain '*'
  type 'hard'
  item 'nofile'
  value 512
end

limit 'example-2' do
  domain '@student'
  type 'soft'
  item 'nproc'
  value 20
end

# Separate limits.d example

limits_file '/etc/security/limits.d/001_vader.conf' do
  action [:create, :purge]
end

limit 'example-3' do
  path '/etc/security/limits.d/001_vader.conf' do
  domain 'vader'
  type 'hard'
  item 'nofile'
  value 1000
end

Custom Resource: limits_file

This resource is used to manage a limits file. It is not required in order to use the limit resource, but it is required to purge limits that were not set via Chef. It can also be used without any limit resources to just maintain the formatting of a limits file.

Property Type Default Required
path String (name property) No
owner String, Integer root No
group String, Integer root No
mode String, Integer 0644 No
backup Integer, FalseClass false No

Action: create (default)

This action will create the desired limits file. The file will be formatted to a known style. Any comments not attached to limits or lines that are not limits will be removed from the file. Existing limits and attached comments will remain. File owner, group, and mode will be maintained by Chef.

Action: purge

This action will remove any limits in the limits file that were not configured via Chef. This is useful if you want to ensure that a limits file is completely managed by Chef and any manually-added limits are removed.

Action: delete

This action will delete the desired limits file.

Examples

limits_file '/etc/security/limits.conf' do
  action :create
end

limits_file '/etc/security/limits.d/001_vader.conf' do
  action [:create, :purge]
end

limits_file '/etc/security/limits.d/002_anakin.conf' do
  action :delete
end

Custom Resource: limit

This resource is used to manage a specific limit in a limits file. The limits_file resource is not required to be used in conjunction with this resource, but they do compliment each other.

Property Type Default Required
path String /etc/security/limits.conf No
domain String none Yes
type see note below none Yes
item see note below none Yes
value Integer, String none Yes
comment String none No

Please see libraries/constants.rb for valid types and limits. More documentation on domain, type, item, and value can be found at the following man page.

Action: create (default)

This action will create the desired limit inside the limits file. This will also have the affect of reformatting the limits file. Any comments not attached to limits or lines that are not limits will be removed from the file. Existing limits and attached comments will remain.

If the limit already exists in the file, any out-of-sync properties will be updated. A limit is identified by the combination of domain, type, and item.

Action: delete

This action will delete the desired limit inside the limits file. A limit is identified by the combination of domain, type, and item.

Examples

limit 'create example' do
  domain 'ftp'
  type 'hard'
  item 'nproc'
  value 0
  action :create
end

limit 'delete example' do
  path '/etc/security/limits.d/001_vader.conf'
  domain 'vader'
  type 'hard'
  item 'nofile'
  action :delete
end

Testing

Testing was performed using Chef Workstation 0.3.2.

$ chef --version
Chef Workstation: 0.3.2
  chef-run: 0.2.13
  chef-client: 14.13.11
  delivery-cli: 0.0.52 (9d07501a3b347cc687c902319d23dc32dd5fa621)
  berks: 7.0.8
  test-kitchen: 1.25.0
  inspec: 3.9.3

Perform tests using the following commands:

chef exec foodcritic .    # linting for common issues
chef exec cookstyle       # linting based on RuboCop
chef exec rspec           # spec tests
chef exec kitchen test    # integration tests

limits cookbook CHANGELOG

v2.0.0 (2019-06-04)

This cookbook has been completely refactored. It is not backwards compatible. Please see the README.md for usage details. The code has been uplifted to the latest best practices. The LWRP and definition was removed in favor of the new custom resource syntax introduced in Chef 12.

  • Add limit custom resource for managing individual limits
  • Add limits_file custom resource for managing a limits file
  • Remove attributes in favor of default values in custom resources
  • Remove set_limit definition and limits_config LWRP
  • Replace ChefDK with Chef Workstation
  • Replace RuboCop with Cookstyle
  • Replace Serverspec with InSpec
  • Replace Vagrant with Dokken
  • Test support on Chef 12-15

v1.0.0 (2014-12-07)

This cookbook has changed to be an LWRP-only usage. No longer will limits be able to be specified using attributes. Please see the README.md for usage details.

  • Development and testing using ChefDK
  • Add ChefSpec tests
  • Add Serverspec tests
  • Change license from Apache to MIT

v0.2.0 (2014-04-09)

  • Initial release of limits

Collaborator Number Metric
            

2.0.0 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

2.0.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric
            

2.0.0 passed this metric

No Binaries Metric
            

2.0.0 passed this metric

Publish Metric
            

2.0.0 passed this metric

Supported Platforms Metric
            

2.0.0 passed this metric

Testing File Metric
            

2.0.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

2.0.0 passed this metric