Bug 135572 - openssh does not set ulimits correctly unless "UseLogin yes" in sshd_config
openssh does not set ulimits correctly unless "UseLogin yes" in sshd_config
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: openssh (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
:
: 104997 (view as bug list)
Depends On: 140824
Blocks:
  Show dependency treegraph
 
Reported: 2004-10-13 11:58 EDT by Robert Brooks
Modified: 2007-11-30 17:07 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-05-19 10:14:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Robert Brooks 2004-10-13 11:58:16 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3)
Gecko/20040930

Description of problem:
you can set max number of open file descriptors for a user in
/etc/security/limits.conf, but this setting is not honoured unless
sshd is set to "UseLogin Yes.

Version-Release number of selected component (if applicable):
openssh-3.6.1p2-33.30.1

How reproducible:
Always

Steps to Reproduce:
set number of file descriptors in limits.conf

$ grep nofile /etc/security/limits.conf
#        - nofile - max number of open files
user         hard    nofile          8192
user         soft    nofile          8192

log in over ssh as user

$ ulimit -n
1024

edit /etc/ssh/sshd_config so that UseLogin yes

# grep UseLogin /etc/ssh/sshd_config
UseLogin yes

restart ssh

now log in over ssh as user

$ ulimit -n
8192

ulimit for number of files is set correctly

Actual Results:  if sshd is configured with "UseLogin No" ulimit -n
returns 1024

Expected Results:  in both cases ulimit -n should return 8192

Additional info:
Comment 1 Robert Brooks 2004-10-13 12:01:32 EDT
problem also documented in a closed bugzilla here

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=116133
Comment 3 Shay Cohen 2005-01-19 09:24:11 EST
Please notice, that when configuring uselogin to "yes"
Xforwarding will be unactive (login does not support xauth). 
Shay.
Comment 6 Tomas Mraz 2005-02-07 04:44:19 EST
*** Bug 104997 has been marked as a duplicate of this bug. ***
Comment 7 Tomas Mraz 2005-05-19 10:14:35 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-106.html

Comment 8 Alex Bruno 2005-09-07 13:22:10 EDT
(In reply to comment #7)
> An advisory has been issued which should help the problem
> described in this bug report. This report is therefore being
> closed with a resolution of ERRATA. For more information
> on the solution and/or where to find the updated files,
> please follow the link below. You may reopen this bug report
> if the solution does not work for you.
> 
> http://rhn.redhat.com/errata/RHSA-2005-106.html
> 
> 

Question:  A customer opened a support ticket with us today and says that he has
EXACTLY this problem.  But he is using ssh version 2 which does not contain the
UseLogin variable.  So, the customer's question is what is the workaround for
version 2.
Comment 9 Tomas Mraz 2005-09-07 13:57:30 EDT
The limits should be set correctly if he has openssh-3.6.1p2-33.30.4 installed.

Note You need to log in before you can comment on or make changes to this bug.