In the /etc/security/limits.conf file I increase, for example, the number of open file handles allowed for a process. # grep nofile /etc/security/limits.conf dan soft nofile 10000 dan hard nofile 20000 In an SSH session I can verify the limits are being applied: $ ulimit -n 10000 If, however, I setup a cron job as this user: $ crontab -l * * * * * /bin/bash -c "ulimit > /tmp/ulimits.txt" If I then look at the output the limits are not being applied $ grep "open files" /tmp/ulimits.txt open files (-n) 1024 A little poking around reveals that the vixie-cron RPM is missing the PAM config file neccessary to have session limits applied. If I create a file # cat > /etc/pam.d/cron <<EOF #%PAM-1.0 auth required pam_stack.so service=system-auth account required pam_stack.so service=system-auth password required pam_stack.so service=system-auth session required pam_stack.so service=system-auth EOF Restart the cron daemon # /etc/init.d/crond restart Then, wait for the job to run again it now picks up limits correctly $ grep "open files" /tmp/ulimits.txt open files (-n) 10000 The lack of this PAM config is causing application jobs that would otherwise work, to fail
Nope, this doesn't fix the problem at all. It only appears so to you. The RHEL-3 vixie-cron version 3.0.1 doesn't have a pam support at all. The reason why your trick works is that the limits established in the bash session where you issue /etc/init.d/crond restart apply to the crond daemon and thus apply to the user's processes called according to the crontab. The RHEL-4 vixie-cron has pam support implemented.
vixie-cron currently does not support PAM in RHEL-3 . You can download vixie-cron-4.1-6_EL3, which does support PAM, and which will hopefully be in RHEL-3-U6, from: http://people.redhat.com/~jvdias/vixie-cron/RHEL-3/
*** Bug 157291 has been marked as a duplicate of this bug. ***
*** This bug has been marked as a duplicate of 5162 ***
BTW, the PAM configuration file for vixie-cron-4.1+ is /etc/pam.d/crond , not /etc/pam.d/cron
This bug is fixed with vixie-cron-4.1-8_EL3, available from: http://people.redhat.com/~jvdias/cron/RHEL-3 and should be considered for inclusion in RHEL-3-U7 .
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.