This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
First Last Prev Next    This bug is not in your last search results.
Bug 157290 - vixie-cron missing pam configuration for limits
vixie-cron missing pam configuration for limits
Status: CLOSED DUPLICATE of bug 5162
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: vixie-cron (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jason Vas Dias
Brock Organ
:
Depends On:
Blocks: 170445
  Show dependency treegraph
 
Reported: 2005-05-10 05:08 EDT by Bastien Nocera
Modified: 2007-11-30 17:07 EST (History)
3 users (show)

See Also:
Fixed In Version: vixie-cron-4.1-6_EL3
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-21 14:08:20 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Bastien Nocera 2005-05-10 05:08:40 EDT 
In the /etc/security/limits.conf file I increase, for example, the number of
open file handles allowed for a process.

# grep nofile /etc/security/limits.conf
dan        soft       nofile   10000
dan        hard      nofile   20000

In an SSH session I can verify the limits are being applied:

$ ulimit -n
10000


If, however, I setup a cron job as this user:

$ crontab -l
* * * * *  /bin/bash -c "ulimit > /tmp/ulimits.txt"

If I then look at the output the limits are not being applied

$ grep "open files" /tmp/ulimits.txt
open files              (-n)      1024


A little poking around reveals that the vixie-cron RPM is missing the PAM config
file neccessary to have session limits applied. If I create a file

# cat > /etc/pam.d/cron <<EOF
#%PAM-1.0
auth       required     pam_stack.so service=system-auth
account    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth
EOF

Restart the cron daemon

# /etc/init.d/crond restart


Then, wait for the job to run again it now picks up limits correctly

$ grep "open files" /tmp/ulimits.txt
open files              (-n) 10000

The lack of this PAM config is causing application jobs that would otherwise
work, to fail
Comment 1 Tomas Mraz 2005-05-10 08:11:48 EDT 
Nope, this doesn't fix the problem at all. It only appears so to you.
The RHEL-3 vixie-cron version 3.0.1 doesn't have a pam support at all.

The reason why your trick works is that the limits established in the bash
session where you issue /etc/init.d/crond restart apply to the crond daemon and
thus apply to the user's processes called according to the crontab.

The RHEL-4 vixie-cron has pam support implemented.
Comment 2 Jason Vas Dias 2005-05-10 08:17:36 EDT 
vixie-cron currently does not support PAM in RHEL-3 .

You can download vixie-cron-4.1-6_EL3, which does support PAM, and
which will hopefully be in RHEL-3-U6, from:
  http://people.redhat.com/~jvdias/vixie-cron/RHEL-3/
Comment 3 Jason Vas Dias 2005-05-10 08:19:45 EDT 
*** Bug 157291 has been marked as a duplicate of this bug. ***
Comment 4 Jason Vas Dias 2005-05-10 08:22:18 EDT 

*** This bug has been marked as a duplicate of 5162 ***
Comment 5 Jason Vas Dias 2005-05-10 08:24:09 EDT 
BTW, the PAM configuration file for vixie-cron-4.1+ is
/etc/pam.d/crond , not
/etc/pam.d/cron
Comment 7 Jason Vas Dias 2005-10-14 11:33:14 EDT 
This bug is fixed with vixie-cron-4.1-8_EL3, available from:
  http://people.redhat.com/~jvdias/cron/RHEL-3
and should be considered for inclusion in RHEL-3-U7 .
Comment 9 Red Hat Bugzilla 2006-02-21 14:08:20 EST 
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.