Set custom shell fork bomb limits
Completed
As a Server Administrator, I want to set custom shell fork bomb limits, so that some applications are not killed.
- Django (due to persistent user processes on the system via wsgi)
- RoR (due to persistent user processes on the system via Passenger)
- cPanel backups
- IMAP logins
- SSH
This is a feature that has been migrated over from the cPanel Forums. All previous comments and discussions concerning this feature can be located at:
http://forums.cpanel.net/f145/custom-shell-fork-bomb-limits-262791.html
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
This also affected my server, it prevented my sync software from syncing files to it. The Fork Bomb Protection sets a limit of 100 which overrides all other regular system methods including /etc/profile, /etc/profile.d/limits.sh and limits set in PAM. It drove me nuts trying ot figure out why the ulimit settings I had for my sync user were being ignored, until I started poking around in WHM, figuring this must be one of those cases where cPanel was blindly overwriting system settings. This feature, as it is designed, is of no use to me on my server or anyone else who needs a higher ulimit for certain users or groups.
Fork bomb protection would be much better if it worked *with* the system settings, rather than be a separate setting that overrides them all. It should be a proper front end to the system ulimits, which allow per-group and per-user settings.
See also
https://features.cpanel.net/topic/fork-bomb-protection-settings-per-user
This also affected my server, it prevented my sync software from syncing files to it. The Fork Bomb Protection sets a limit of 100 which overrides all other regular system methods including /etc/profile, /etc/profile.d/limits.sh and limits set in PAM. It drove me nuts trying ot figure out why the ulimit settings I had for my sync user were being ignored, until I started poking around in WHM, figuring this must be one of those cases where cPanel was blindly overwriting system settings. This feature, as it is designed, is of no use to me on my server or anyone else who needs a higher ulimit for certain users or groups.
Fork bomb protection would be much better if it worked *with* the system settings, rather than be a separate setting that overrides them all. It should be a proper front end to the system ulimits, which allow per-group and per-user settings.
See also
https://features.cpanel.net/topic/fork-bomb-protection-settings-per-user
Any progress on that ? We're having a lot of issues with the ulimit set by the shell fork protection.
We're currently setting it manually in limits.sh and limits.csh, but we would like to have a better solution.
We see this error in RoR and NodeJS currently.
A simple 'npm install' create problems because it open too many files for the ulimit.
Thank you in advance.
Any progress on that ? We're having a lot of issues with the ulimit set by the shell fork protection.
We're currently setting it manually in limits.sh and limits.csh, but we would like to have a better solution.
We see this error in RoR and NodeJS currently.
A simple 'npm install' create problems because it open too many files for the ulimit.
Thank you in advance.
Fyi - new documentation direct from cPanel on this topic as of 2021: https://support.cpanel.net/hc/en-us/articles/1500001648681-How-to-create-custom-Fork-Bomb-Protection-settings
Fyi - new documentation direct from cPanel on this topic as of 2021: https://support.cpanel.net/hc/en-us/articles/1500001648681-How-to-create-custom-Fork-Bomb-Protection-settings
Replies have been locked on this page!