Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


ulimit (15) Versions 1.0.0

Resources for manaing ulimits

cookbook 'ulimit', '= 1.0.0', :supermarket
cookbook 'ulimit', '= 1.0.0'
knife supermarket install ulimit
knife supermarket download ulimit
Quality 83%

ulimit Cookbook

Build Status Cookbook Version

This cookbook provides resources for managing ulimits configuration on nodes.

  • user_ulimit resource for overriding various ulimit settings. It places configured templates into /etc/security/limits.d/, named for the user the ulimit applies to.
  • ulimit_domain which allows for configuring complex sets of rules beyond those supported by the user_ulimit resource.

The cookbook also includes a recipe (default.rb) which allows ulimit overrides with the 'su' command on Ubuntu.



  • Debian/Ubuntu and derivatives
  • RHEL/Fedora and derivatives


  • Chef 12.7+


  • none


  • node['ulimit']['pam_su_template_cookbook'] - Defaults to nil (current cookbook). Determines what cookbook the su pam.d template is taken from
  • node['ulimit']['users'] - Defaults to empty Mash. List of users with their limits, as below.

Default Recipe

Instead of using the user_ulimit resource directly you may define user ulimits via node attributes. The definition may be made via an environment file, a role file, or in a wrapper cookbook. Note: The preferred way to use this cookbook is by directly defining resources as it is much easier to troubleshoot and far more robust.

Example role configuration:

"default_attributes": {
   "ulimit": {
      "users": {
         "tomcat": {
            "filehandle_limit": 8193,
               "process_limit": 61504
            "hbase": {
               "filehandle_limit": 32768

To specify a change for all users change specify a wildcard resource or user name like so user_ulimit "*"



The user_ulimit resource creates individual ulimit files that are installed into the /etc/security/limits.d/ directory.


  • create
  • delete


  • username - Optional property to set the username if the resource name itself is not the username. See the example below.
  • filename - Optional filename to use instead of naming the file based on the username
  • filehandle_limit -
  • filehandle_soft_limit -
  • filehandle_hard_limit -
  • process_limit -
  • process_soft_limit -
  • process_hard_limit -
  • memory_limit -
  • core_limit -
  • core_soft_limit -
  • core_hard_limit -
  • stack_soft_limit -
  • stack_hard_limit -
  • rtprio_limit -
  • rtprio_soft_limit -
  • rtprio_hard_limit -


Example of a resource where the resource name is the username:

user_ulimit "tomcat" do
  filehandle_limit 8192 # optional
  filehandle_soft_limit 8192 # optional; not used if filehandle_limit is set)
  filehandle_hard_limit 8192 # optional; not used if filehandle_limit is set)
  process_limit 61504 # optional
  process_soft_limit 61504 # optional; not used if process_limit is set)
  process_hard_limit 61504 # optional; not used if process_limit is set)
  memory_limit 1024 # optional
  core_limit 2048 # optional
  core_soft_limit 1024 # optional
  core_hard_limit 'unlimited' # optional
  stack_soft_limit 2048 # optional
  stack_hard_limit 2048 # optional
  rtprio_limit 60 # optional
  rtprio_soft_limit 60 # optional
  rtprio_hard_limit 60 # optional

Example where the resource name is not the username:

user_ulimit 'set filehandle ulimits for our tomcat user' do
  username 'tomcat'
  filehandle_soft_limit 8192
  filehandle_hard_limit 8192


Note: The ulimit_domain resource creates files named after the domain with no modifiers by default. To override this behavior, specify the filename parameter to the resource.


  • create
  • delete


ulimit_domain 'my_user' do
  rule do
    item :nofile
    type :hard
    value 10000
  rule do
    item :nofile
    type :soft
    value 5000

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

aerospike Applicable Versions
apache_hadoop Applicable Versions
apache_zookeeper Applicable Versions
cassandra-dse Applicable Versions
cerner_kafka Applicable Versions
cerner_splunk Applicable Versions
cerner_tomcat Applicable Versions
clickhouse Applicable Versions
common_linux Applicable Versions
cq Applicable Versions
elastic Applicable Versions
et_mesos Applicable Versions
gatling Applicable Versions
hadoop Applicable Versions
hipsnip-mongodb Applicable Versions
hopsworks Applicable Versions
hypertable Applicable Versions
icinga2 Applicable Versions
javadeploy Applicable Versions
kafka-cluster Applicable Versions
nodestack Applicable Versions
redis-omnibus Applicable Versions
redisio Applicable Versions
resin Applicable Versions
riak Applicable Versions
riak-cs Applicable Versions
solrcloud Applicable Versions
stack-base Applicable Versions
thumbor_ng Applicable Versions
trafficserver Applicable Versions
vitess Applicable Versions

CHANGELOG for ulimit

This file is used to list changes made in each version of ulimit.


  • Breaking change: This cookbook now requires Chef 12.7 or later
  • LWRPs converted to custom resources with Chef 13 compatibility
  • Added the rtprio property to the user resource
  • Updated the cookbook to not append .conf onto filenames when the user already specified a name that ends in .conf
  • Added a chefignore file to limit what files get uploaded to the chef server
  • Added a Test Kitchen config + InSpec tests for unit testing
  • Added the license file to the repo to resolve a Foodcritic warning
  • Added a Berksfile
  • Resolved all cookstyle warnings
  • Fixed the metadata license string to be an SPDX standard license string to resolve Foodcritic warnings
  • Add supports, source_url, issues_url, and chef_version metadata to resolve Foodcritic warnings
  • Switched the default recipe from platform to platform_family to catch more Debian/Ubuntu derivatives
  • Added testing with ChefDK's delivery local mode in Travis
  • Expanded the readme with better information on requirements and usage examples
  • Removed ChefSpec matchers that are autogenerated by ChefSpec now
  • Added Cookstyle and autocorrected all code
  • Added a basic ChefSpec unit test





  • Support specifying users via attributes (as long as your runlist includes the ulimit::default recipe). Thanks to Dmytro Shteflyuk (




  • Adds node attribute node['ulimit']['pam_su_template_cookbook'] to allow users to provide a su pam.d template from another cookbook



  • Initial release of ulimit

Check the Markdown Syntax Guide for help with Markdown.

The Github Flavored Markdown page describes the differences between markdown on github and standard markdown.

Collaborator Number Metric

1.0.0 failed this metric

Failure: Cookbook has 1 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric

1.0.0 passed this metric

Foodcritic Metric

1.0.0 passed this metric

No Binaries Metric

1.0.0 passed this metric

Testing File Metric

1.0.0 passed this metric

Version Tag Metric

1.0.0 passed this metric