community / community.general / 8.5.0 / module / pam_limits Modify Linux PAM limits Authors: Sebastien Rohaut (@usawa)community.general.pam_limits (8.5.0) — module
Install with ansible-galaxy collection install community.general:==8.5.0
collections: - name: community.general version: 8.5.0
The M(community.general.pam_limits) module modifies PAM limits.
The default file is V(/etc/security/limits.conf).
For the full documentation, see C(man 5 limits.conf).
- name: Add or modify nofile soft limit for the user joe community.general.pam_limits: domain: joe limit_type: soft limit_item: nofile value: 64000
- name: Add or modify fsize hard limit for the user smith. Keep or set the maximal value community.general.pam_limits: domain: smith limit_type: hard limit_item: fsize value: 1000000 use_max: true
- name: Add or modify memlock, both soft and hard, limit for the user james with a comment community.general.pam_limits: domain: james limit_type: '-' limit_item: memlock value: unlimited comment: unlimited memory lock for james
- name: Add or modify hard nofile limits for wildcard domain community.general.pam_limits: domain: '*' limit_type: hard limit_item: nofile value: 39693561
dest: default: /etc/security/limits.conf description: - Modify the limits.conf path. required: false type: str value: description: - The value of the limit. - Value must either be V(unlimited), V(infinity) or V(-1), all of which indicate no limit, or a limit of 0 or larger. - Value must be a number in the range -20 to 19 inclusive, if O(limit_item) is set to V(nice) or V(priority). - Refer to the C(man 5 limits.conf) manual pages for more details. required: true type: str backup: default: false description: - Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. required: false type: bool domain: description: - A username, @groupname, wildcard, UID/GID range. required: true type: str comment: default: '' description: - Comment associated with the limit. required: false type: str use_max: default: false description: - If set to V(true), the maximal value will be used or conserved. - If the specified value is superior to the value in the file, file content is replaced with the new value, else content is not modified. required: false type: bool use_min: default: false description: - If set to V(true), the minimal value will be used or conserved. - If the specified value is inferior to the value in the file, file content is replaced with the new value, else content is not modified. required: false type: bool limit_item: choices: - core - data - fsize - memlock - nofile - rss - stack - cpu - nproc - as - maxlogins - maxsyslogins - priority - locks - sigpending - msgqueue - nice - rtprio - chroot description: - The limit to be set. required: true type: str limit_type: choices: - hard - soft - '-' description: - Limit type, see C(man 5 limits.conf) for an explanation. required: true type: str