community / community.general / 0.2.1 / module / pam_limits Modify Linux PAM limits Authors: Sebastien Rohaut (@usawa)community.general.pam_limits (0.2.1) — module
Install with ansible-galaxy collection install community.general:==0.2.1
collections: - name: community.general version: 0.2.1
The C(pam_limits) module modifies PAM limits. The default file is C(/etc/security/limits.conf). For the full documentation, see C(man 5 limits.conf).
- name: Add or modify nofile soft limit for the user joe pam_limits: domain: joe limit_type: soft limit_item: nofile value: 64000
- name: Add or modify fsize hard limit for the user smith. Keep or set the maximal value. pam_limits: domain: smith limit_type: hard limit_item: fsize value: 1000000 use_max: yes
- name: Add or modify memlock, both soft and hard, limit for the user james with a comment. pam_limits: domain: james limit_type: '-' limit_item: memlock value: unlimited comment: unlimited memory lock for james
- name: Add or modify hard nofile limits for wildcard domain pam_limits: domain: '*' limit_type: hard limit_item: nofile value: 39693561
dest: default: /etc/security/limits.conf description: - Modify the limits.conf path. required: false value: description: - The value of the limit. required: true backup: default: 'no' description: - Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. required: false type: bool domain: description: - A username, @groupname, wildcard, uid/gid range. required: true comment: default: '' description: - Comment associated with the limit. required: false use_max: default: 'no' description: - If set to C(yes), the maximal value will be used or conserved. If the specified value is superior to the value in the file, file content is replaced with the new value, else content is not modified. required: false type: bool use_min: default: 'no' description: - If set to C(yes), the minimal value will be used or conserved. If the specified value is inferior to the value in the file, file content is replaced with the new value, else content is not modified. required: false type: bool limit_item: choices: - core - data - fsize - memlock - nofile - rss - stack - cpu - nproc - as - maxlogins - maxsyslogins - priority - locks - sigpending - msgqueue - nice - rtprio - chroot description: - The limit to be set required: true limit_type: choices: - hard - soft - '-' description: - Limit type, see C(man 5 limits.conf) for an explanation required: true