Bug 79517 - limits.conf does not have any effect in a shell that was opened by logging in with ssh
limits.conf does not have any effect in a shell that was opened by logging i...
Status: CLOSED CURRENTRELEASE
Product: Red Hat Linux
Classification: Retired
Component: pam (Show other bugs)
8.0
i386 Linux
medium Severity low
: ---
: ---
Assigned To: Tomas Mraz
Jay Turner
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-12-12 12:17 EST by Mathias Retzlaff
Modified: 2015-01-07 19:02 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-09-16 08:08:58 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mathias Retzlaff 2002-12-12 12:17:13 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; UiuqmHmqouVilORJ)

Description of problem:
My /etc/security/limits.conf looks like this:

## Start /etc/security/limits.conf
foo	soft    nofile   16384
*	soft    nofile    1024
*	hard    nofile   16384
## End

So `ulimit -n` should output "1024" for every user except for foo.

I was working with RedHat7.3 and this was doing fine.
Now I installed RedHat8.0 and the following problem occures:

When I log in locally everything works as intended.
But when I remotely log in with ssh as user foo, `ulimit -n` outputs "1024" and 
not "16384" as expected.

Ant not only ulimit outputs the wrong numbers, the processes I start as user 
foo are really only allowed to open 1024 files at the same time.

A workaround I found was enabling the "UseLogin" Option 
in /etc/ssh/sshd_config.   -> (UseLogin yes)

But with RH7.3 it worked without this option set.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.Install RedHat8.0 with sshd and latest updates
2.Enter the example value in /etc/security/limits.conf
3.Log in with ssh as user foo.
	

Actual Results:  The processes of user foo in a ssh-shell were only able to 
open 1024 files at a time.

Expected Results:  The processes of user foo in a ssh-shell should be able to 
open more than 1024 files at a time.

Additional info:

uname -a:
Linux Foocomp 2.4.18-18.8.0smp #1 SMP Wed Nov 13 23:11:20 EST 2002 i686 athlon 
i386 GNU/Linux
Comment 1 Ed Price 2003-02-26 19:28:42 EST
i had exactly this problem myself.  pam_limits was not working, in the same way,
 on redhat 8.0, while it did work on redhat 7.3.

FWIW one thing i noticed was that if i set a user's limit LOWER than the
default, eg "nofile 100", it DID get applied when the user logged in via ssh. 
but i could not INCREASE the limit, which is what i needed to do.  (so i'd guess
it's some kind of privilege issue??)

thx for including that workaround ("UseLogin yes" in sshd_config).  it was an
effective workaround for me too.
Comment 2 Jeffrey Siegal 2003-09-08 18:02:14 EDT
I see the same issue on RH 9
Comment 3 Jeffrey Siegal 2003-09-08 18:05:15 EDT
UseLogin does not appear to be an effective workaround in my environment because
it is incompatible with X11Forwarding (see man sshd_config).
Comment 4 Tomas Mraz 2004-09-16 08:08:58 EDT
I don't se the problem with current pam and openssh as of Fedora Core 2.

Note You need to log in before you can comment on or make changes to this bug.