Jump to content

Did you know Darwin (OSX) Has A Limit On # of Processes?


  • Please log in to reply
7 replies to this topic

#1
stryder

stryder

    InsanelyMac Geek

  • Members
  • PipPipPipPip
  • 235 posts
  • Location:Canada, eh!
OS X has a very small maximum limit of the number of processes you can run. How did I discover this? Well, our webserver was suddenly denying connections, even though the maximum limit was set to 500, and we weren't getting 500 concurrent connections! If you don't raise the limits, and you reach them, you're locked out of even shutting down or restarting! Here's how to raise them:

in /etc/sysctl.conf:

kern.maxproc=2048
kern.maxprocperuid=512

--

in /etc/rc:

#
# ####################################################################
#
# ADDED TO PREVENT SYSTEM LOCKUP
#
# ####################################################################
#
sysctl -w kern.maxproc=2048
sysctl -w kern.maxprocperuid=512

--

in /etc/rc.common:

#######################
# Configure the shell #
#######################


# ####################################################################
#
# ADDED TO CANCEL OUT THE LIMIT OF THE NUMBER OF PROCESSES
#
# ####################################################################

ulimit -u 512

# #######################


The above additions will allow more processes to run (512 per user id, maximum of 2048 total). See Mac OS X client has a relatively conservative setting of 512 for kern.maxproc, while Mac OS X Server sets this to 2048. So I upped this as well and things seem to be going more smoothly on our servers.

#2
humasect

humasect

    InsanelyMac Protégé

  • Members
  • Pip
  • 30 posts
Hey that's cool. Thanks for the info.

BSD and Apache can be joyous

#3
Daisuke

Daisuke

    InsanelyMac Protégé

  • Just Joined
  • Pip
  • 4 posts
Never EVER run sysctl -w kern.maxproc=0
or ulimit -u 0

It does NOT set it to unlimited. ;)

#4
stryder

stryder

    InsanelyMac Geek

  • Members
  • PipPipPipPip
  • 235 posts
  • Location:Canada, eh!

Never EVER run sysctl -w kern.maxproc=0
or ulimit -u 0

It does NOT set it to unlimited. :(


No, it will set it to 0, which means you can't do ANYTHING!

If you want unlimited, set everything to like 32767.

#5
freedomlinux

freedomlinux

    InsanelyMac Protégé

  • Members
  • Pip
  • 10 posts

No, it will set it to 0, which means you can't do ANYTHING!

If you want unlimited, set everything to like 32767.


Hah! Ah, the miracle of *BSD - you get EXACTLY what you ask for.
If 0 doesn't make unlimited processes, would -1 ?

#6
jklmpqo

jklmpqo

    InsanelyMac Protégé

  • Members
  • Pip
  • 17 posts
but wut happens if you divide by zero

#7
PainWarlock

PainWarlock

    InsanelyMac Geek

  • Members
  • PipPipPip
  • 140 posts
  • Gender:Male

No, it will set it to 0, which means you can't do ANYTHING!

If you want unlimited, set everything to like 32767.


hmmm i have an idea for a virus now lol ;)

#8
Ranguvar

Ranguvar

    InsanelyMac Protégé

  • Members
  • PipPip
  • 59 posts
That limit does seem a bit low, yeah. It's good to have a limit of ~30,000, prevents forkbombs from doing their full work.

To test immunity to a Bash forkbomb -- do NOT run this unless you're okay with a potential system lock with potential data loss of open apps! It creates many, many new processes that take up CPU and such. An attacker would likely use a more efficient version, like a C one or even ASM. http://en.wikipedia.org/wiki/Fork_bomb
:(){ :|:& };:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

© 2014 InsanelyMac  |   News  |   Forum  |   Downloads  |   OSx86 Wiki  |   Mac Netbook  |   PHP hosting by CatN  |   Designed by Ed Gain  |   Logo by irfan  |   Privacy Policy