su: cannot set user id: Resource temporarily unavailable

  • 3007194
  • 19-Jun-2006
  • 27-Apr-2012


Novell Open Enterprise Server (Linux based)
Novell SUSE Linux Enterprise Server 9


Unable to login as a particular user
Unable to start an SSH session as a particular user
Unable to "su" as a particular user
All the processes started by the affected user stop working
ERROR: su: cannot set user id: Resource temporarily unavailable


The affected user has reached the maximum number of process specified for him into the file /etc/security/limits.conf .

These commands, executed as root, can give you the number of process and of open files for the given user:

ps -U username | wc -l

lsof | grep username | wc -l

To fix the issue increase the NPROC Soft limit according to the user and applications needs; please look at the note below about the /etc/security/limits.conf file.

If third party software is involved, please contact the software vendor to advice about the proper limits to use.

Additional Information

Through the contents of the configuration file /etc/security/limits.conf resource limits are placed on users' sessions. The user root (and other users with uid=0) are not affected by this restriction.

Each line of the configuration file describes a limit for a user in the form:

<   domain>         

The fields listed above should be filled as follows:

can be:
  • a username
  • a groupname, with @group syntax
  • the wild-card *, for default entry
  • the wild-card %, for maxlogins limit only, can also be used with %group syntax
can have the three values:
  • hard for enforcing hard resource limits. These limits are set by the superuser and enforced by the Linux kernel. The user cannot raise his requirement of system resources above such values;
  • soft for enforcing soft resource limits. These limits are ones that the user can adjust within the range permitted by any pre-exisiting hard limits. The values specified with this token can be thought of as default values, for normal system usage;
  • - for enforcing both soft and hard limits together.
can be one of the following:
  • core- limits the core file size (KB)
  • data- max data size (KB)
  • fsize- maximum filesize (KB)
  • memlock- max locked-in-memory address space (KB)
  • nofile- max number of open files
  • rss- max resident set size (KB)
  • stack- max stack size (KB)
  • cpu- max CPU time (MIN)
  • nproc- max number of processes
  • as- address space limit
  • maxlogins- max number of logins for this user
  • maxsyslogins- max number of logins on system
  • priority- the priority to run user process with (negative values boost process priority)
  • locks- max locked files
If a type of "-'' is specified without supplying the item and value fields then no limits are enforced.
The first entry of the form which applies to the authenticating user will override all other entries in the limits configuration file.
In general, individual limits have priority over group limits, so if no limits is imposed for a given group, but one of the members in this group have a limits line, the user will have its limits set according to this line.
Please note that all limit settings are set per login. They are not global, nor are they permanent; existing only for the duration of the session.

The following is an example configuration file:

# EXAMPLE /etc/security/limits.conf file:
# =======================================
*          soft   nproc       2047
*         hard   nproc       16384
*         soft   nofile       2048
*         hard   nofile      65536

Having this file means, for instance, that every user can start a maximum of 2047 processes and can raise this limit up to 16384.