CentOS/RHEL: some users get "Connection reset by peer" when logging in over ssh

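Solution

More users have been added to this system.
The "soft nofile" or "soft nproc" limit in /etc/security/limits.conf is taking effect.
The /etc/security/limits.conf file sets system resource limits for each user.

For example, the number of open files reported by lsof is higher than the "soft nofile" limit for the account "oracle" on node NODE2.

1. Check /etc/security/limits.conf: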

[oracle@[NODE2] ~]$ cat /etc/security/limits.conf
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
#<domain>        <type>  <item>  <value>
#Where:
#<domain> can be:
#        - an user name
#        - a group name, with @group syntax
#        - the wildcard *, for default entry
#        - the wildcard %, can be also used with %group syntax,
#                 for maxlogin limit
#<type> can have the two values:
#        - "soft" for enforcing the soft limits
#        - "hard" for enforcing hard limits
#<item> can be one of the following:
#        - core - limits the core file size (KB)
#        - data - max data size (KB)
#        - fsize - maximum filesize (KB)
#        - memlock - max locked-in-memory address space (KB)
#        - nofile - max number of open files
#        - rss - max resident set size (KB)
#        - stack - max stack size (KB)
#        - cpu - max CPU time (MIN)
#        - nproc - max number of processes
#        - as - address space limit
#        - maxlogins - max number of logins for this user
#        - maxsyslogins - max number of logins on the system
#        - priority - the priority to run user process with
#        - locks - max number of file locks the user can hold
#        - sigpending - max number of pending signals
#        - msgqueue - max memory used by POSIX message queues (bytes)
#[domain]      [type]  [item]         [value]
oracle hard nofile 65535
oracle soft nofile 4096
oracle hard nproc 20480
oracle soft nproc 2047

2. Check the processes run by user 'oracle':

[jack@oir2 ~]$ ps -u oracle|wc -l
489

3. Check the files opened by user 'oracle':

[oracle@[NODE2] ~]$ /usr/sbin/lsof -u oracle | wc -l
62490
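
The three checks above can be combined into one comparison of usage against the soft limit. This shell sketch is an added example, not part of the original article: the function names `soft_limit`, `check_usage` and `demo` are hypothetical, the sample file is a constructed copy of the four `oracle` entries shown above, and it goes slightly beyond the page by also honouring the `*` wildcard and the `-` type (group entries are not resolved).

```shell
#!/bin/sh
# Added example; soft_limit, check_usage and demo are hypothetical helper names.

# soft_limit FILE USER ITEM: print the soft value that applies to USER, if any.
# A user-specific line wins over the "*" wildcard; type "-" sets soft and hard.
soft_limit() {
    awk -v u="$2" -v it="$3" '
        $1 ~ /^#/ || NF < 4 { next }                  # comments, blank lines
        $3 != it || ($2 != "soft" && $2 != "-") { next }
        $1 == u   { user = $4 }
        $1 == "*" { wild = $4 }
        END { if (user != "") print user; else if (wild != "") print wild }
    ' "$1"
}

# check_usage FILE USER ITEM CURRENT: print a verdict, return 1 at or over the limit.
check_usage() {
    limit=$(soft_limit "$1" "$2" "$3")
    case "$limit" in
        ""|unlimited|infinity|-1) echo "$3: no finite soft limit set"; return 0 ;;
    esac
    if [ "$4" -ge "$limit" ]; then
        echo "$3: $4 in use, soft limit $limit: REACHED"
        return 1
    fi
    echo "$3: $4 in use, soft limit $limit: ok"
}

# Demo on a constructed copy of the oracle entries and the ps/lsof counts above.
demo() {
    f=$(mktemp)
    printf '%s\n' 'oracle hard nofile 65535' 'oracle soft nofile 4096' \
        'oracle hard nproc 20480' 'oracle soft nproc 2047' > "$f"
    check_usage "$f" oracle nproc 489
    check_usage "$f" oracle nofile 62490
    rc=$?
    rm -f "$f"
    return "$rc"
}
demo || true
# Live system (as root): check_usage /etc/security/limits.conf oracle nproc "$(ps -u oracle | wc -l)"
```

pam_limits also reads /etc/security/limits.d/*.conf, so run `soft_limit` against those files as well when an entry there may override the main file.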

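Once the limit that is being reached has been identified, follow the steps below to resolve the problem:

  1. Manually edit /etc/security/limits.conf.
    Increase the "soft nofile" value until it equals the "hard nofile" value.
    Increase the "soft nproc" value until it equals the "hard nproc" value.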
[jack@oir2 ~]$cat /etc/security/limits.conf
oracle hard nofile 65535
oracle soft nofile 65535
oracle hard nproc 20480
oracle soft nproc 20480
  2. Check whether the problem still occurs:
[jack@oir1 ~]$ssh jack@oir2
jack@oir2's password:
Last login: Fri Mar 6 02:33:01 2009 from NODE1

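Different errors when other limit settings are reached

When the "open files" and "max user processes" limits in /etc/profile are reached, the errors are different.

1. Error when the "open files" limit is reached: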

[jack@oir1~]$ssh NODE2
jack@oir2's password:
-bash: ulimit: max user processes: cannot modify limit: Operation not permitted
-bash: /home/oracle/.bash_profile: Too many open files


2. Error when the "max user processes" limit is reached:

[jack@oir1 ~]$ssh jack@oir2
jack@oir2's password:
-bash: ulimit: open files: cannot modify limit: Operation not permitted
-bash: fork: Resource temporarily unavailable


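Problem

Some users cannot log in over ssh; the error message is: Connection reset by peer

Other users can connect to this system over ssh successfully.

The following example shows a failed login to node [NODE2] with the account "oracle".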

[jack@oir1]$ ssh oracle@[NODE2]
oracle@[NODE2]'s password:
Read from remote host [NODE2]: Connection reset by peer
Connection to [NODE2] closed.
[jack@oir1]$ ssh root@[NODE2]
root@[NODE2]'s password:
Last login: Fri Mar 6 02:30:55 2009 from [NODE1]

The error message can be found in the /var/log/messages log on node [NODE2]:

Nov 29 11:11:11 [NODE2] sshd[7194]: Accepted password for oracle from ::ffff:xx.xx.xx.xx port 24318 ssh2
Nov 29 11:11:11 [NODE2] sshd[7202]: fatal: setresuid 501: Resource temporarily unavailable

Date: 2020-09-17 00:12:21 Source: oir Author: oir