Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 79517 - limits.conf does not have any effect in a shell that was opened by logging in with ssh
Summary: limits.conf does not have any effect in a shell that was opened by logging i...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: pam
Version: 8.0
Hardware: i386
OS: Linux
medium
low
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Jay Turner
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-12-12 17:17 UTC by Mathias Retzlaff
Modified: 2015-01-08 00:02 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2004-09-16 12:08:58 UTC


Attachments (Terms of Use)

Description Mathias Retzlaff 2002-12-12 17:17:13 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; UiuqmHmqouVilORJ)

Description of problem:
My /etc/security/limits.conf looks like this:

## Start /etc/security/limits.conf
foo	soft    nofile   16384
*	soft    nofile    1024
*	hard    nofile   16384
## End

So `ulimit -n` should output "1024" for every user except for foo.

I was working with RedHat7.3 and this was doing fine.
Now I installed RedHat8.0 and the following problem occures:

When I log in locally everything works as intended.
But when I remotely log in with ssh as user foo, `ulimit -n` outputs "1024" and 
not "16384" as expected.

Ant not only ulimit outputs the wrong numbers, the processes I start as user 
foo are really only allowed to open 1024 files at the same time.

A workaround I found was enabling the "UseLogin" Option 
in /etc/ssh/sshd_config.   -> (UseLogin yes)

But with RH7.3 it worked without this option set.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.Install RedHat8.0 with sshd and latest updates
2.Enter the example value in /etc/security/limits.conf
3.Log in with ssh as user foo.
	

Actual Results:  The processes of user foo in a ssh-shell were only able to 
open 1024 files at a time.

Expected Results:  The processes of user foo in a ssh-shell should be able to 
open more than 1024 files at a time.

Additional info:

uname -a:
Linux Foocomp 2.4.18-18.8.0smp #1 SMP Wed Nov 13 23:11:20 EST 2002 i686 athlon 
i386 GNU/Linux

Comment 1 Ed Price 2003-02-27 00:28:42 UTC
i had exactly this problem myself.  pam_limits was not working, in the same way,
 on redhat 8.0, while it did work on redhat 7.3.

FWIW one thing i noticed was that if i set a user's limit LOWER than the
default, eg "nofile 100", it DID get applied when the user logged in via ssh. 
but i could not INCREASE the limit, which is what i needed to do.  (so i'd guess
it's some kind of privilege issue??)

thx for including that workaround ("UseLogin yes" in sshd_config).  it was an
effective workaround for me too.

Comment 2 Jeffrey Siegal 2003-09-08 22:02:14 UTC
I see the same issue on RH 9

Comment 3 Jeffrey Siegal 2003-09-08 22:05:15 UTC
UseLogin does not appear to be an effective workaround in my environment because
it is incompatible with X11Forwarding (see man sshd_config).

Comment 4 Tomas Mraz 2004-09-16 12:08:58 UTC
I don't se the problem with current pam and openssh as of Fedora Core 2.



Note You need to log in before you can comment on or make changes to this bug.