Bug 79517 - limits.conf does not have any effect in a shell that was opened by logging in with ssh
Summary: limits.conf does not have any effect in a shell that was opened by logging i...
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: pam   
(Show other bugs)
Version: 8.0
Hardware: i386 Linux
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Jay Turner
Depends On:
TreeView+ depends on / blocked
Reported: 2002-12-12 17:17 UTC by Mathias Retzlaff
Modified: 2015-01-08 00:02 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-09-16 12:08:58 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Mathias Retzlaff 2002-12-12 17:17:13 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; UiuqmHmqouVilORJ)

Description of problem:
My /etc/security/limits.conf looks like this:

## Start /etc/security/limits.conf
foo	soft    nofile   16384
*	soft    nofile    1024
*	hard    nofile   16384
## End

So `ulimit -n` should output "1024" for every user except for foo.

I was working with RedHat7.3 and this was doing fine.
Now I installed RedHat8.0 and the following problem occures:

When I log in locally everything works as intended.
But when I remotely log in with ssh as user foo, `ulimit -n` outputs "1024" and 
not "16384" as expected.

Ant not only ulimit outputs the wrong numbers, the processes I start as user 
foo are really only allowed to open 1024 files at the same time.

A workaround I found was enabling the "UseLogin" Option 
in /etc/ssh/sshd_config.   -> (UseLogin yes)

But with RH7.3 it worked without this option set.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.Install RedHat8.0 with sshd and latest updates
2.Enter the example value in /etc/security/limits.conf
3.Log in with ssh as user foo.

Actual Results:  The processes of user foo in a ssh-shell were only able to 
open 1024 files at a time.

Expected Results:  The processes of user foo in a ssh-shell should be able to 
open more than 1024 files at a time.

Additional info:

uname -a:
Linux Foocomp 2.4.18-18.8.0smp #1 SMP Wed Nov 13 23:11:20 EST 2002 i686 athlon 
i386 GNU/Linux

Comment 1 Ed Price 2003-02-27 00:28:42 UTC
i had exactly this problem myself.  pam_limits was not working, in the same way,
 on redhat 8.0, while it did work on redhat 7.3.

FWIW one thing i noticed was that if i set a user's limit LOWER than the
default, eg "nofile 100", it DID get applied when the user logged in via ssh. 
but i could not INCREASE the limit, which is what i needed to do.  (so i'd guess
it's some kind of privilege issue??)

thx for including that workaround ("UseLogin yes" in sshd_config).  it was an
effective workaround for me too.

Comment 2 Jeffrey Siegal 2003-09-08 22:02:14 UTC
I see the same issue on RH 9

Comment 3 Jeffrey Siegal 2003-09-08 22:05:15 UTC
UseLogin does not appear to be an effective workaround in my environment because
it is incompatible with X11Forwarding (see man sshd_config).

Comment 4 Tomas Mraz 2004-09-16 12:08:58 UTC
I don't se the problem with current pam and openssh as of Fedora Core 2.

Note You need to log in before you can comment on or make changes to this bug.