Hi PAM from RH7 and rawhide does not know about RLIMIT_LOCKS, however it uses RLIM_NLIMITS which includes the count for RLIMIT_LOCKS. Thus when PAM sets the default lock values RLIMIT_LOCKS.{SOFT,HARD} will be set to zero. Then if one tries to logon to a kernel-2.4 based system and grab a file lock it will fail as the limit is zero ... happens when trying to use sendmail for instance. Patch attached. Jes --- pam-0.72/modules/pam_limits/pam_limits.c-old Wed Nov 8 16:57:14 2000 +++ pam-0.72/modules/pam_limits/pam_limits.c Wed Nov 8 16:59:27 2000 @@ -272,11 +272,17 @@ retval |= getrlimit(RLIMIT_AS, &limits[RLIMIT_AS].limit); limits[RLIMIT_AS].src_soft = LIMITS_DEF_NONE; limits[RLIMIT_AS].src_hard = LIMITS_DEF_NONE; + +#ifdef RLIMIT_LOCKS + retval |= getrlimit(RLIMIT_LOCKS, &limits[RLIMIT_LOCKS].limit); + limits[RLIMIT_LOCKS].src_soft = LIMITS_DEF_NONE; + limits[RLIMIT_LOCKS].src_hard = LIMITS_DEF_NONE; +#endif priority = 0; login_limit = -2; login_limit_def = LIMITS_DEF_NONE; return retval; -} +} static void process_limit(int source, const char *lim_type, const char *lim_item, const char *lim_value, @@ -315,6 +321,10 @@ limit_item = RLIMIT_MEMLOCK; else if (strcmp(lim_item, "as") == 0) limit_item = RLIMIT_AS; +#ifdef RLIMIT_LOCKS + else if (strcmp(lim_item, "locks") == 0) + limit_item = RLIMIT_LOCKS; +#endif else if (strcmp(lim_item, "maxlogins") == 0) { limit_item = LIMIT_LOGIN; flag_numsyslogins = 0;
Thanks. This will be included in the next Raw Hide release.