Bug 173807
Summary: | runuser does not set per-process limits | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Mihai Ibanescu <mihai.ibanescu> | ||||||
Component: | coreutils | Assignee: | Tim Waugh <twaugh> | ||||||
Status: | CLOSED RAWHIDE | QA Contact: | |||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | medium | ||||||||
Version: | 4 | CC: | rcoker, redhat-bugzilla | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | 5.93-4.1 | Doc Type: | Bug Fix | ||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2005-12-12 17:43:55 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Mihai Ibanescu
2005-11-21 14:50:58 UTC
Created attachment 121342 [details]
Patch to make runuser use pam for setting limits.
This patch removes the need for a runuser.c file. The file su.c will contain
all the necessary code. It also contains a patch for the Makefile, I'm not
sure how to get this into the automake system. Maybe we should just fork su.c.
Created attachment 121343 [details]
suggested pam config file for runuser
Thanks. I'm testing out an automake-aware version. Building 5.93-4. Is it possible to change the runuser.pamd file to the following: #%PAM-1.0 auth sufficient pam_rootok.so session required pam_limits.so session required pam_unix.so Or is there a special reason to keep "/lib/security/$ISA/"? Currently, none of my /etc/pam.d/* files includes the path anyway? At least I found the following information in the pam rpm changelog: * Mon Dec 02 2002 Nalin Dahyabhai <nalin> 0.75-45 - create /lib/security, even if it isn't /%{_lib}/security, because we can't locate /lib/security/$ISA without it (noted by Arnd Bergmann) - clear out the duplicate docs directory created during %install [...] * Tue Oct 22 2002 Nalin Dahyabhai <nalin> 0.75-43 - patch to interpret $ISA in case the fist module load attempt fails - use $ISA in default configs There is no special reason to have "/lib/security/$ISA/", it works fine without it. I copied data from /etc/pam.d/system-auth which has those paths, it was probably a mistake. I've reopened the bug as I think that Robert is correct and the full paths should be removed. Fixed in CVS. Fixed package is coreutils-5.93-4.1. |