Bug 229994

Summary: vncserver does not honor /etc/security/limits.conf
Product: Red Hat Enterprise Linux 4 Reporter: Rainer Traut <rainer.traut>
Component: vncAssignee: Adam Tkac <atkac>
Status: CLOSED WONTFIX QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.4CC: dwalsh, ovasik
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-05-22 11:24:52 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rainer Traut 2007-02-25 16:58:21 UTC 
Description of problem:
vncserver does not honor /etc/security/limits.conf
E.g. setting nofile in /etc/security/limits.conf for an user and running the
vncserver init script the user is not alloed to open the set file limits.

Version-Release number of selected component (if applicable):
vnc-server-4.0-8.1

How reproducible:
always

Steps to Reproduce:
1. 
# cat /etc/security/limits.conf |grep nofile
tr              soft    nofile          4000
tr              hard    nofile          40000

# cat /etc/sysconfig/vncservers|grep tr
VNCSERVERS="2:tr"
VNCSERVERARGS[2]="-geometry 1152x864"

2. 
service vncserver start

3.
Connect to the session and watch the limits:
$ ulimit -n
1024

  
Actual results:
$ ulimit -n
1024

Expected results:
$ ulimit -n
40000


Additional info:
This is maybe a runuser problem as it does not use pam.
Using su instead of runuser in the initscript works.
Comment 4 Adam Tkac 2007-05-22 11:24:52 UTC 
I discussed this problem with Daniel Walsh (selinux expert) and substitude
runuser by su could cause problems.

(from dwalsh: If su has the pam_selinux.so line in it with multiple specified, 
It could cause problems.)

For this I must close this bug. See also
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134594

Regards, Adam