Red Hat Bugzilla – Bug 229994
vncserver does not honor /etc/security/limits.conf
Last modified: 2013-04-30 19:35:14 EDT
Description of problem: vncserver does not honor /etc/security/limits.conf E.g. setting nofile in /etc/security/limits.conf for an user and running the vncserver init script the user is not alloed to open the set file limits. Version-Release number of selected component (if applicable): vnc-server-4.0-8.1 How reproducible: always Steps to Reproduce: 1. # cat /etc/security/limits.conf |grep nofile tr soft nofile 4000 tr hard nofile 40000 # cat /etc/sysconfig/vncservers|grep tr VNCSERVERS="2:tr" VNCSERVERARGS[2]="-geometry 1152x864" 2. service vncserver start 3. Connect to the session and watch the limits: $ ulimit -n 1024 Actual results: $ ulimit -n 1024 Expected results: $ ulimit -n 40000 Additional info: This is maybe a runuser problem as it does not use pam. Using su instead of runuser in the initscript works.
I discussed this problem with Daniel Walsh (selinux expert) and substitude runuser by su could cause problems. (from dwalsh: If su has the pam_selinux.so line in it with multiple specified, It could cause problems.) For this I must close this bug. See also https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134594 Regards, Adam