Support | su: cannot set user id: Resource temporarily unavailable
My Favorites
to see your favorites.
su: cannot set user id: Resource temporarily unavailableThis document
is provided subject to the
at the end of this document.
Environment Novell Open Enterprise Server
(Linux based)
Novell SUSE Linux Enterprise Server 9
Situation Unable to login as a particular
userUnable to start an SSH session as
a particular userUnable to "su" as a particular
userAll the processes started by the
affected user stop workingERROR: su: cannot set user id: Resource
temporarily unavailable
Resolution The affected user has reached the
maximum number of process specified for him into the file /etc/security/limits.conf
.These commands, executed as root, can give you the number of process and of open files for the given user:ps -U username | wc -llsof | grep username | wc -lTo fix the issue increase the
NPROC Soft limit according to the user an
please look at the note below about the /etc/security/limits.conf
file.If third party software is
involved, please contact the software vendor to advice about the
proper limits to use.
Additional Information Through the contents of the
configuration file /etc/security/limits.conf
resource limits are placed on users' sessions. The user root (and other users with
uid=0) are not affected by this restriction.Each line of the configuration
file describes a limit for a user in the form:&&&&domain&&&&&&&&&&The fields listed above should be
filled as follows: can be:a usernamea groupname, with @group syntaxthe wild-card *, for default entrythe wild-card %, for maxlogins limit only, can also be used
with %group syntax can have the three
values:hard for
enforcing hard resource limits. These limits are set by the
superuser and enforced by the Linux kernel. The user cannot raise
his requirement of system resourcsoft for
enforcing soft resource limits. These limits are ones that the user
can adjust within the range permitted by any pre-exisiting hard
limits. The values specified with this token can be thought of as
default values, for- for enforcing
both soft and hard limits together. can be one of the
following:core- limits
the core file size (KB)data- max data
size (KB)fsize- maximum
filesize (KB)memlock- max
locked-in-memory address space (KB)nofile- max
number of open filesrss- max
resident set size (KB)stack- max
stack size (KB)cpu- max CPU
time (MIN)nproc- max
number of processesas- address
space limitmaxlogins- max
number of logins for this usermaxsyslogins-
max number of logins on systempriority- the
priority to run user process with (negative values boost process
priority)locks- max
locked filesIf a type of "-'' is specified without
supplying the item and value fields then no limits are
enforced.The first entry of the form which
applies to the authenticating user will override all other entries
in the limits configuration file.In general, individual limits
have priority over group limits, so if no limits is imposed for a
given group, but one of the members in this group have a limits
line, the user will have its limits set according to this
line.Please note that all limit
settings are set per login. They are not global, nor are they
existing only for the duration of the session.The following is an example
configuration file:# EXAMPLE
/etc/security/limits.conf file:#
=======================================# &&&&*&&&&&&&&&
soft&& nproc&&&&&&
2047*&&&&&&&& hard&& nproc&&&&&&
16384*&&&&&&&& soft&& nofile&&&&&&
2048*&&&&&&&& hard&& nofile&&&&&
65536Having this file means, for
instance, that every user can start a maximum of 2047 processes and
can raise this limit up to 16384.
DisclaimerThis Support Knowledgebase provides a valuable tool for
NetIQ/Novell/SUSE customers and parties interested in our products and solutions to
acquire information, ideas and learn from one another. Materials are provided for
informational, personal or non-commercial use within your organization and are
presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
Document ID:3007194Creation Date:19-JUN-06Modified Date:27-APR-12NovellOpen Enterprise ServerSUSESUSE Linux Enterprise Server
Did this document solve your problem?
Micro Focuslinux下，su用户时，出现提示：-bash:&fork:&retry:&Resource&temporarily&unavailable的解决办法
linux下，su用户时，出现提示：-bash: fork:
retry: Resource temporarily unavailable，无法su到指定用户时，执行如下命令即可：
echo&"*&&&&&&&&&&soft&&&&&nproc&&&&&&&&&&2047"&&&/etc/security/limits.conf
echo&"*&&&&&&&&&&hard&&&&&nproc&&&&&&&&&&16384"&&&/etc/security/limits.conf
以上命令在CentOS 6下测试通过
已投稿到：
以上网友发言只代表其个人观点，不代表新浪网的观点或立场。linux - su: /bin/bash: Resource temporarily unavailable - Server Fault
to customize your list.
Server Fault is a question and answer site for system and network administrators. It's 100% free, no registration required.
Here's how it works:
Anybody can ask a question
Anybody can answer
The best answers are voted up and rise to the top
Unable to switch user to postgres.
Ulimit settings for postgres user is set with reasonable limits. We are not hitting max.
No errors in /var/log/messages.
BETA -bash-4.2# sudo su - postgres
su: /bin/bash: Resource temporarily unavailable
BETA -bash-4.2# ps -auxww | grep -i postgr | wc -l
BETA -bash-4.2# lsof | grep -i postgr | wc -l
BETA -bash-4.2#
Ulimit for postgres process.
BETA -bash-4.2# cat /proc/26230/limits
Soft Limit
Hard Limit
Max cpu time
Max file size
Max data size
Max stack size
Max core file size
Max resident set
Max processes
Max open files
Max locked memory
Max address space
Max file locks
Max pending signals
Max msgqueue size
Max nice priority
Max realtime priority
Max realtime timeout
BETA -bash-4.2# netstat -plan | grep -i post | grep ESTABLISHED | wc -l
BETA -bash-4.2#
Ulimit settings
BETA -bash-4.2# cat /etc/security/limits.d/postgres_limits.conf
# Limits settings for postgres
postgres soft nofile 4096
postgres hard nofile 4096
postgres soft nproc 400
postgres hard nproc 400
After I restart postgres, I was able to get in.
Resource util for postgres user.
BETA -bash-4.2# netstat -plan | grep -i post | grep ESTABLISHED | wc -l
BETA -bash-4.2#
BETA -bash-4.2# lsof | grep -i postgr | wc -l
BETA -bash-4.2# ps -auxww | grep -i postgr | wc -l
BETA -bash-4.2#
Just restarting postgres is not a long term solution, you will hit the limit again, unless you have physical resource constraints on the server such as memory. During the issue the number of processes opened(nproc) by postgres user was 503 and the estimated number of open files(nofile) was 35225 and yet your postgres_limits.conf shows that you have set nproc to only 400 and nofile to only 4096. Based on your data, you will need to increase those two parameters.
5,07811125
Your Answer
Sign up or
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Post as a guest
By posting your answer, you agree to the
Not the answer you're looking for?
Browse other questions tagged
Server Fault works best with JavaScript enabledulimit - Cannot switch, ssh to specific user: su: cannot set user id: Resource temporarily unavailable? - Server Fault
to customize your list.
Server Fault is a question and answer site for system and network administrators. It's 100% free, no registration required.
Here's how it works:
Anybody can ask a question
Anybody can answer
The best answers are voted up and rise to the top
/var/log/secure:
su: pam_keyinit(su-l:session): Unable to change UID to 500 temporarily
su: pam_keyinit(su-l:session): Unable to change UID to 500 temporarily
su: pam_unix(su-l:session): session opened for user adtech by root(uid=0)
su: pam_unix(su-l:session): session closed for user adtech
I guess this is caused by per-user limit, but there is no different when comparing with another user.
Here're ulimit -n for adtech:
[adtech@hmaster87 root]$ ulimit -a
core file size
(blocks, -c) 0
data seg size
(kbytes, -d) unlimited
scheduling priority
(blocks, -f) unlimited
pending signals
(-i) 192025
max locked memory
(kbytes, -l) 64
max memory size
(kbytes, -m) unlimited
open files
(-n) 655360
(512 bytes, -p) 8
POSIX message queues
(bytes, -q) 819200
real-time priority
stack size
(kbytes, -s) 10240
(seconds, -t) unlimited
max user processes
virtual memory
(kbytes, -v) unlimited
file locks
(-x) unlimited
and this one for quanta:
[quanta@hmaster87 ~]$ ulimit -a
core file size
(blocks, -c) 0
data seg size
(kbytes, -d) unlimited
scheduling priority
(blocks, -f) unlimited
pending signals
(-i) 192025
max locked memory
(kbytes, -l) 64
max memory size
(kbytes, -m) unlimited
open files
(-n) 655360
(512 bytes, -p) 8
POSIX message queues
(bytes, -q) 819200
real-time priority
stack size
(kbytes, -s) 10240
(seconds, -t) unlimited
max user processes
virtual memory
(kbytes, -v) unlimited
file locks
(-x) unlimited
the number of processes running by adtech:
[root@hmaster87 ~]# ps -U adtech | wc -l
Any other thing to check?
UPDATE Sat Jul 21 09:21:26 ICT 2012:
# getent passwd adtech
adtech:x:500:502::/home/adtech:/bin/bash
As I said in the below comment, my co-worker had found out the process which maybe the culprit:
00:00:00 /home/adtech/nexus/bin/../bin/jsw/linux-x86-64/wrapper /home/adtech/nexus/bin/../bin/jsw/conf/wrapper.conf wrapper.syslog.ident=nexus wrapper.pidfile=/home/adtech/nexus/bin/../bin/jsw/linux-x86-64/nexus.pid wrapper.daemonize=TRUE
00:00:24 java -Dsun.net.inetaddr.ttl=3600 -DbundleBasedir=. -Djava.io.tmpdir=./tmp -DjettyContext=nexus.properties -DjettyContextIncludeKeys=bundleBasedir -DjettyPlexusCompatibility=true -Djava.library.path=bin/jsw/lib -classpath bin/jsw/lib/wrapper-3.2.3.jar:./lib/plexus-classworlds-2.4.jar:./conf/ -Dwrapper.key=ejxHaBJASiFkAB8w -Dwrapper.port=32000 -Dwrapper.jvm.port.min=31000 -Dwrapper.jvm.port.max=31999 -Dwrapper.pid=12901 -Dwrapper.version=3.2.3 -Dwrapper.native_library=wrapper -Dwrapper.service=TRUE -Dwrapper.cpu.timeout=10 -Dwrapper.jvmid=1 org.codehaus.plexus.classworlds.launcher.Launcher ./conf/jetty.xml
By killing this process the problem go away but we still don't know which limit was exceeded.
UPDATE Sat Dec 15 00:56:13 ICT 2012:
The @favadi's answer is right, but I update here in case someone google's this thread.
The log file said that:
| Server daemon died!
| java.lang.OutOfMemoryError: unable to create new native thread
at java.lang.Thread.start0(Native Method)
at java.lang.Thread.start(Thread.java:640)
at org.tanukisoftware.wrapper.WrapperManager.privilegedStopInner(WrapperManager.java:3152)
at org.tanukisoftware.wrapper.WrapperManager.handleSocket(WrapperManager.java:3797)
at org.tanukisoftware.wrapper.WrapperManager.run(WrapperManager.java:4084)
at java.lang.Thread.run(Thread.java:662)
migrated from
This question came from our site for users of Linux, FreeBSD and other Un*x-like operating systems.
It could be possible that the max user processes
(-u) 1024 is too low.
Remember that processes and threads are counting together.
You can use ps -eLF | grep adtech | wc -l to show your current value.
2,02011138
Look in the jvm log for evidence it is hitting resource limits. Stack size might be the problem, depending how many java threads the killed process was running.
Searching on your error message finds bug reports for pam_keyinit: check with your vendor's repository whether an updated version is available.
The error was reported by pam_keyinit.
Since I am not familiar with this module, I searched for documentation and found this .
Based on the description, I wonder if perhaps the process that you killed prevented the necessary access to some files that pam_keyinit needs to modify?
Hopefully this gives you some direction.
This issue can happen if the user's process-run-limit is reached. The process limit can be increased by editing: /etc/security/limits.conf file with a user having root permission. The entry to check will be similar to:
No need to restart any services.
Your Answer
Sign up or
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Post as a guest
By posting your answer, you agree to the
Not the answer you're looking for?
Browse other questions tagged
Server Fault works best with JavaScript enabled}