cookbook 'limits', '= 2.1.1', :supermarket
limits (6) Versions 2.1.1 Follow10
Configures limits for the pam_limits module
cookbook 'limits', '= 2.1.1'
knife supermarket install limits
knife supermarket download limits
Limits Cookbook
This cookbook is used to configure limits for the pam_limits
module.
By default, the configuration file is located at
/etc/security/limits.conf
. It can also configure limits in any
arbitrary path such as files in the directory /etc/security/limit.d
.
It is available on the Chef Supermarket or GitHub.
Usage
This cookbook does not provide any recipes. Instead, it should be
added as a dependency of another cookbook. This will make the custom
resources provided by the limits
cookbook available to be used in
another cookbook's recipes.
Here is an example of managing the system's limit.conf file, adding two limits, managing a limits.d file, deleting any manually-added limits, and adding one limit:
# System limits.conf example
limits_file '/etc/security/limits.conf' do
action :create
end
limit 'example-1' do
domain '*'
type 'hard'
item 'nofile'
value 512
end
limit 'example-2' do
domain '@student'
type 'soft'
item 'nproc'
value 20
end
# Separate limits.d example
limits_file '/etc/security/limits.d/001_vader.conf' do
action [:create, :purge]
end
limit 'example-3' do
path '/etc/security/limits.d/001_vader.conf'
domain 'vader'
type 'hard'
item 'nofile'
value 1000
end
Custom Resource: limits_file
This resource is used to manage a limits file. It is not required in
order to use the limit
resource, but it is required to purge limits
that were not set via Chef. It can also be used without any limit
resources to just maintain the formatting of a limits file.
Property | Type | Default | Required |
---|---|---|---|
path |
String | (name property) | No |
owner |
String, Integer | root |
No |
group |
String, Integer | root |
No |
mode |
String, Integer | 0644 |
No |
backup |
Integer, FalseClass | false |
No |
Action: create
(default)
This action will create the desired limits file. The file will be formatted to a known style. Any comments not attached to limits or lines that are not limits will be removed from the file. Existing limits and attached comments will remain. File owner, group, and mode will be maintained by Chef.
Action: purge
This action will remove any limits in the limits file that were not configured via Chef. This is useful if you want to ensure that a limits file is completely managed by Chef and any manually-added limits are removed.
Action: delete
This action will delete the desired limits file.
Examples
limits_file '/etc/security/limits.conf' do
action :create
end
limits_file '/etc/security/limits.d/001_vader.conf' do
action [:create, :purge]
end
limits_file '/etc/security/limits.d/002_anakin.conf' do
action :delete
end
Custom Resource: limit
This resource is used to manage a specific limit in a limits file. The
limits_file
resource is not required to be used in conjunction with
this resource, but they do compliment each other.
Property | Type | Default | Required |
---|---|---|---|
path |
String | /etc/security/limits.conf |
No |
domain |
String | none | Yes |
type |
see note below | none | Yes |
item |
see note below | none | Yes |
value |
Integer, String | none | Yes |
comment |
String | none | No |
Please see libraries/constants.rb
for valid types and limits. More
documentation on domain, type, item, and value can be found at the
following man page.
Action: create
(default)
This action will create the desired limit inside the limits file. This will also have the affect of reformatting the limits file. Any comments not attached to limits or lines that are not limits will be removed from the file. Existing limits and attached comments will remain.
If the limit already exists in the file, any out-of-sync properties will be updated. A limit is identified by the combination of domain, type, and item.
Action: delete
This action will delete the desired limit inside the limits file. A limit is identified by the combination of domain, type, and item.
Examples
limit 'create example' do
domain 'ftp'
type 'hard'
item 'nproc'
value 0
action :create
end
limit 'delete example' do
path '/etc/security/limits.d/001_vader.conf'
domain 'vader'
type 'hard'
item 'nofile'
action :delete
end
Testing
Testing was performed using Chef Workstation 20.6.62.
$ chef --version
Chef Workstation version: 20.6.62
Chef Infra Client version: 16.1.16
Chef InSpec version: 4.19.0
Chef CLI version: 3.0.4
Test Kitchen version: 2.5.1
Cookstyle version: 6.7.3
Perform tests using the following commands:
chef exec foodcritic . # linting for common issues
chef exec cookstyle # linting based on RuboCop
chef exec rspec # spec tests
chef exec kitchen test # integration tests
Dependent cookbooks
This cookbook has no specified dependencies.
Contingent cookbooks
Collaborator Number Metric
2.1.1 failed this metric
Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
2.1.1 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
2.1.1 passed this metric
No Binaries Metric
2.1.1 passed this metric
Publish Metric
2.1.1 passed this metric
Supported Platforms Metric
2.1.1 passed this metric
Testing File Metric
2.1.1 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
2.1.1 passed this metric
2.1.1 failed this metric
2.1.1 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
2.1.1 passed this metric
No Binaries Metric
2.1.1 passed this metric
Publish Metric
2.1.1 passed this metric
Supported Platforms Metric
2.1.1 passed this metric
Testing File Metric
2.1.1 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
2.1.1 passed this metric
2.1.1 passed this metric
2.1.1 passed this metric
Publish Metric
2.1.1 passed this metric
Supported Platforms Metric
2.1.1 passed this metric
Testing File Metric
2.1.1 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
2.1.1 passed this metric
2.1.1 passed this metric
2.1.1 passed this metric
Testing File Metric
2.1.1 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
2.1.1 passed this metric
2.1.1 failed this metric
2.1.1 passed this metric