From Bugzilla Helper: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; UiuqmHmqouVilORJ) Description of problem: My /etc/security/limits.conf looks like this: ## Start /etc/security/limits.conf foo soft nofile 16384 * soft nofile 1024 * hard nofile 16384 ## End So `ulimit -n` should output "1024" for every user except for foo. I was working with RedHat7.3 and this was doing fine. Now I installed RedHat8.0 and the following problem occures: When I log in locally everything works as intended. But when I remotely log in with ssh as user foo, `ulimit -n` outputs "1024" and not "16384" as expected. Ant not only ulimit outputs the wrong numbers, the processes I start as user foo are really only allowed to open 1024 files at the same time. A workaround I found was enabling the "UseLogin" Option in /etc/ssh/sshd_config. -> (UseLogin yes) But with RH7.3 it worked without this option set. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.Install RedHat8.0 with sshd and latest updates 2.Enter the example value in /etc/security/limits.conf 3.Log in with ssh as user foo. Actual Results: The processes of user foo in a ssh-shell were only able to open 1024 files at a time. Expected Results: The processes of user foo in a ssh-shell should be able to open more than 1024 files at a time. Additional info: uname -a: Linux Foocomp 2.4.18-18.8.0smp #1 SMP Wed Nov 13 23:11:20 EST 2002 i686 athlon i386 GNU/Linux
i had exactly this problem myself. pam_limits was not working, in the same way, on redhat 8.0, while it did work on redhat 7.3. FWIW one thing i noticed was that if i set a user's limit LOWER than the default, eg "nofile 100", it DID get applied when the user logged in via ssh. but i could not INCREASE the limit, which is what i needed to do. (so i'd guess it's some kind of privilege issue??) thx for including that workaround ("UseLogin yes" in sshd_config). it was an effective workaround for me too.
I see the same issue on RH 9
UseLogin does not appear to be an effective workaround in my environment because it is incompatible with X11Forwarding (see man sshd_config).
I don't se the problem with current pam and openssh as of Fedora Core 2.