在*nux中，對(duì)于每個(gè)用戶，系統(tǒng)限制其最大進(jìn)程數(shù)、文件數(shù)……。為提高性能，可以根據(jù)設(shè)備資源情況，設(shè)置各用戶的最大進(jìn)程數(shù)，文件數(shù)等等
在mac中，要設(shè)置這些系統(tǒng)值，也使用這些命令。

可以用ulimit -a 來顯示當(dāng)前的各種用戶進(jìn)程限制。

$ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited file size (blocks, -f) unlimited max locked memory (kbytes, -l) unlimited max memory size (kbytes, -m) unlimited open files (-n) 256 pipe size (512 bytes, -p) 1 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 709 virtual memory (kbytes, -v) unlimited$ ulimit -n 1000$ ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited file size (blocks, -f) unlimited max locked memory (kbytes, -l) unlimited max memory size (kbytes, -m) unlimited open files (-n) 1000 pipe size (512 bytes, -p) 1 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 709 virtual memory (kbytes, -v) unlimited$

在服務(wù)器類中，可能要對(duì)可以使用的socket端口等限制放大，修改其值

$ ulimit -n 1000 $

如果修改太大，并不一定成功。

$ ulimit -n 100000 -bash: ulimit: open files: cannot modify limit: Operation not permitted

這是，需要使用的命令是launchctl和sysctl

• sysctl 命令：

NAMEsysctl -- get or set kernel stateSYNOPSISsysctl [-bdehiNnoqx] name[=value] ...sysctl [-bdehNnoqx] -aDESCRIPTIONThe sysctl utility retrieves kernel state and allows processes with appropriate privilege to set kernelstate. The state to be retrieved or set is described using a ``Management Information Base'' (``MIB'')style name, described as a dotted set of components.The following options are available:-A Equivalent to -o -a (for compatibility).-a List all the currently available non-opaque values. This option is ignored if one or more variablenames are specified on the command line.... ...

可以嘗試使用sysctl -a 來列出系統(tǒng)狀態(tài)值，這是一個(gè)超長(zhǎng)的列表。

• launchctl 命令

NAMElaunchctl -- Interfaces with launchdSYNOPSISlaunchctl subcommand [arguments ...]DESCRIPTIONlaunchctl interfaces with launchd to manage and inspect daemons, agents and XPC services.SUBCOMMANDSlaunchctl allows for detailed examination of launchd endpoints. A domain manages the execution policy for acollection of services. A service may be thought of as a virtual process that is always available to bespawned in response to demand. Each service has a collection of endpoints, and sending a message to one ofthose endpoints will cause the service to launch on demand. Domains advertise these endpoints in a sharednamespace and may be thought of as synonymous with Mach bootstrap subsets.Many subcommands in launchctl take a specifier which indicates the target domain or service for the subcom-mand. This specifier may take one of the following forms:system/[service-name]Targets the system domain or a service within the system domain. The system domain manages the rootMach bootstrap and is considered a privileged execution context. Anyone may read or query the sys-tem domain, but root privileges are required to make modifications.user/<uid>/[service-name]Targets the user domain for the given UID or a service within that domain. A user domain may existindependently of a logged-in user. User domains do not exist on iOS.login/<asid>/[service-name]Targets a user-login domain or service within that domain. A user-login domain is created when theuser logs in at the GUI and is identified by the audit session identifier associated with thatlogin. If a user domain has an associated login domain, the print subcommand will display the ASIDof that login domain. User-login domains do not exist on iOS.gui/<uid>/[service-name]Another form of the login specifier. Rather than specifying a user-login domain by its ASID, thisspecifier targets the domain based on which user it is associated with and is generally more conve-nient.Note: GUI domains and user domains share many resources. For the purposes of the Mach bootstrapname lookups, they are "flat", so they share the same set of registered names. But they still havediscrete sets of services. So when printing the user domain's contents, you may see many Mach boot-strap name registrations from services that exist in the GUI domain for that user, but you will notsee the services themselves in that list.session/<asid>/[service-name]Targets the session domain for the given audit session ID or a service within that domain. For moreinformation about audit sessions, see auditon(2) and libbsm(3)pid/<pid>/[service-name]Targets the domain for the given PID or a service within that domain. Each process on the systemwill have a PID domain associated with it that consists of the XPC services visible to that processwhich can be reached with xpc_connection_create(3).... ... ... ...

• 設(shè)置打開文件數(shù)

$sudo launchctl limit maxfiles 100000 500000 $sudo ulimit -n 100000

• 設(shè)置進(jìn)程數(shù)

$sudo launchctl limit maxproc 100000 100000 $ launchctl limit cpu unlimited unlimited filesize unlimited unlimited data unlimited unlimited stack 8388608 67104768 core 0 unlimited rss unlimited unlimited memlock unlimited unlimited maxproc 709 1064 maxfiles 100000 100000 $sysctl -a | grep "files" kern.maxfiles: 100000 kern.maxfilesperproc: 100000 kern.num_files: 7622

要查看有哪些項(xiàng)是可以修改的，請(qǐng)使用命令man 3 sysctl,其列出了各種類型的配置變量，還有哪些是可以修改，哪些不可以修改。

$sudo ulimit -u 1064

• 設(shè)置端口

$sudo sysctl net.inet.ip.portrange.first=10000

要想支持更高數(shù)量的TCP并發(fā)連接的通訊處理程序，就必須修改系統(tǒng)對(duì)當(dāng)前用戶的進(jìn)程同時(shí)打開的文件數(shù)量的軟限制(soft limit)和硬限制(hardlimit)。其中軟限制是指Linux在當(dāng)前系統(tǒng)能夠承受的告警范圍內(nèi)進(jìn)一步限制用戶同時(shí)打開的文件數(shù)，超過則會(huì)告警；硬限制則是根據(jù)系統(tǒng)硬件資源狀況(主要是系統(tǒng)內(nèi)存)計(jì)算出來的系統(tǒng)最多可同時(shí)打開的文件數(shù)量，超過則無法打開了。

查看網(wǎng)絡(luò)的設(shè)置

$ sysctl -a | grep "net.inet.ip" net.inet.ip.portrange.lowfirst: 1023 net.inet.ip.portrange.lowlast: 600 net.inet.ip.portrange.first: 49152 net.inet.ip.portrange.last: 65535 net.inet.ip.portrange.hifirst: 49152 net.inet.ip.portrange.hilast: 65535 net.inet.ip.forwarding: 0 net.inet.ip.redirect: 1 net.inet.ip.ttl: 64 net.inet.ip.rtexpire: 2400 net.inet.ip.rtminexpire: 10 net.inet.ip.rtmaxcache: 128 net.inet.ip.sourceroute: 0 net.inet.ip.accept_sourceroute: 0 net.inet.ip.gifttl: 30 net.inet.ip.subnets_are_local: 0 net.inet.ip.mcast.maxgrpsrc: 512 net.inet.ip.mcast.maxsocksrc: 128 net.inet.ip.mcast.loop: 1 net.inet.ip.dummynet.hash_size: 64 net.inet.ip.dummynet.curr_time: 0 net.inet.ip.dummynet.ready_heap: 0 net.inet.ip.dummynet.extract_heap: 0 net.inet.ip.dummynet.searches: 0 net.inet.ip.dummynet.search_steps: 0 net.inet.ip.dummynet.expire: 1 net.inet.ip.dummynet.max_chain_len: 16 net.inet.ip.dummynet.red_lookup_depth: 256 net.inet.ip.dummynet.red_avg_pkt_size: 512 net.inet.ip.dummynet.red_max_pkt_size: 1500 net.inet.ip.dummynet.debug: 0 net.inet.ip.fw.enable: 1 net.inet.ip.fw.autoinc_step: 100 net.inet.ip.fw.one_pass: 0 net.inet.ip.fw.debug: 0 net.inet.ip.fw.verbose: 0 net.inet.ip.fw.verbose_limit: 0 net.inet.ip.fw.dyn_buckets: 256 net.inet.ip.fw.curr_dyn_buckets: 256 net.inet.ip.fw.dyn_count: 0 net.inet.ip.fw.dyn_max: 4096 net.inet.ip.fw.static_count: 1 net.inet.ip.fw.dyn_ack_lifetime: 300 net.inet.ip.fw.dyn_syn_lifetime: 20 net.inet.ip.fw.dyn_fin_lifetime: 1 net.inet.ip.fw.dyn_rst_lifetime: 1 net.inet.ip.fw.dyn_udp_lifetime: 10 net.inet.ip.fw.dyn_short_lifetime: 5 net.inet.ip.fw.dyn_keepalive: 1 net.inet.ip.random_id_statistics: 0 net.inet.ip.random_id_collisions: 0 net.inet.ip.random_id_total: 0 net.inet.ip.sendsourcequench: 0 net.inet.ip.maxfragpackets: 2048 net.inet.ip.fragpackets: 0 net.inet.ip.maxfragsperpacket: 128 net.inet.ip.scopedroute: 1 net.inet.ip.adj_clear_hwcksum: 0 net.inet.ip.check_interface: 0 net.inet.ip.rx_chaining: 1 net.inet.ip.rx_chainsz: 6 net.inet.ip.input_perf: 0 net.inet.ip.input_perf_bins: 0 net.inet.ip.linklocal.in.allowbadttl: 1 net.inet.ip.random_id: 1 net.inet.ip.maxchainsent: 11 net.inet.ip.select_srcif_debug: 0 net.inet.ip.output_perf: 0 net.inet.ip.output_perf_bins: 0 net.inet.ipsec.def_policy: 1 net.inet.ipsec.esp_trans_deflev: 1 net.inet.ipsec.esp_net_deflev: 1 net.inet.ipsec.ah_trans_deflev: 1 net.inet.ipsec.ah_net_deflev: 1 net.inet.ipsec.ah_cleartos: 1 net.inet.ipsec.ah_offsetmask: 0 net.inet.ipsec.dfbit: 0 net.inet.ipsec.ecn: 0 net.inet.ipsec.debug: 0 net.inet.ipsec.esp_randpad: -1 net.inet.ipsec.bypass: 1 net.inet.ipsec.esp_port: 4500

總結(jié)

以上是生活随笔為你收集整理的mac中修改系统限制量--ulimit和sysctl的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。