According to the document Prerequisites and overview ,
If the user running SonarQube (sonarqube in this example) does not have permission to have at least 131072 open descriptors, you must insert this line in /etc/security/limits.d/99-sonarqube.conf (or /etc/security/limits.conf as you wish):
sonarqube - nofile 131072
sonarqube - nproc 8192
if I deploy it with a Docker container, the sonarqube running user in container is sonarqube
, but in the host system, it is my general user kane
,
$ ps -ef | grep sonarq
kane 5016 4994 0 Jul13 ? 00:05:32 /opt/java/openjdk/bin/java -jar lib/sonarqube.jar -Dsonar.log.console=true
So how should a system restriction policy be written? kane or sonarqube?