I'm administrator of modem pool. I'm using mgetty+pppd+pap to authorize users. Some users share login and password with friends and try to log twice. To prevent this, I decided to add "session required pam_limits.so" to /etc/pam.d/ppp and set maxlogins to 1 in /etc/security/limits.conf. It worked for all other services, but not for pppd. Looking at pppd sources, I found that it call pam_open_session, but doesn't check what this function return. With my patch everything is OK This bug is present even in 5.2 and maybe before. Looks like nobody tried to use pam_limits with pppd...
Created attachment 141 [details] Patch to fix the problem
Applied the patch, after changing the '==' to a '='. This will be fixed in ppp-2.3.11-4 and put into our tree as soon as possible.
The fix is now in the devel tree, and will propagate to Raw Hide whenever we next we refresh it.