Skip to content
/ puppet-limits Public
forked from saz/puppet-limits

Manage user and group limits via Puppet

License

View license
0 stars 37 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

aschaber1/puppet-limits

BranchesTags
 
 

Repository files navigation

puppet-limits Build Status

Manage user and group limits via Puppet

This module manages the limits of the PAM module pam_limits.

It creates files in /etc/security/limits.d and does not manage the file /etc/security/limits.conf

How to use

Set limits using title pattern:

    limits::limits{'*/nofile':
      hard => 1048576,
      soft => 1048576,
    }
    limits::limits{'root/nofile': both => 1048576; }

Parameters

  • purge_limits_d_dir (Boolean, default: true) Whether or not to purge the limits.d directory
  • manage_limits_d_dir (Boolean, default: true) Whether or not to manage the limits.d directory
  • limits_dir: (String) The location of the limits.d directory
  • entries: (Hash) A hash of limits entries, keys should be the name and the value as a hash made up of;
    • ensure: (String, default present) Values can be absent or present
    • user: (String) The user that the limit applies to
    • limit_type (String) The limit type
    • hard: (Integer) the hard value
    • soft: (Integer) the soft value
    • both: (Integer) the value of both soft and hard

Using hiera

Puppet:

    include ::limits

Hiera:

    limits::entries:
      'root/nofile':
        both: 1048576
      '*/memlock':
        both: unlimited

Compatibility

Puppet 4.9+

This module is compatible with Puppet 4.9+, and Puppet 5.0+

Puppet 4.0 - 4.8

To use this module with previous versions of Puppet 4 (prior to Hiera 5) you should update your Hiera data to include the following

---
limits::limits_dir: /etc/security/limits.d

lookup_options:
  limits::entries:
    merge: deep

Purge limits.d directory

The class limits will purge the limits.d directory by default. You can explicit change this with the parameter purge_limits_d_dir

	class { 'limits': }

    limits::limits { 'username_nofile':
      ensure     => present,
      user       => 'username',
      limit_type => 'nofile',
      hard       => 16384,
      soft       => 16384,
    }

Do NOT purge limits.d directory explicitly

    class { 'limits':
      purge_limits_d_dir => false,
    }

    limits::limits { 'username_nofile':
      ensure     => present,
      user       => 'username',
      limit_type => 'nofile',
      hard       => 16384,
    }

Set both limit types in one line

    limits::limits { 'username_nofile':
      ensure     => present,
      user       => 'username',
      limit_type => 'nofile',
      both       => 16384,
    }

One of hard, soft or both must be set!

Do not manage /etc/security/limits.d

In an effort to make this module compatible with similar modules, e.g. puppet-module-pam, management of /etc/security/limits.d can be disabled by the manage_limits_d_dir class parameter:

class { 'limits':
  manage_limits_d_dir => false,
}

About

Manage user and group limits via Puppet

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

6 tags

Packages

No packages published

Languages

  • Ruby 81.8%
  • Puppet 15.4%
  • HTML 2.7%
  • Pascal 0.1%