Reset of limits with su / new session

To: debian-devel <debian-devel@lists.debian.org>
Subject: Reset of limits with su / new session
From: Reuti <reuti@staff.uni-marburg.de>
Date: Tue, 17 Jan 2006 09:44:10 +0100
Message-id: <[🔎] F21A58BF-8248-44F9-9465-8F3519E6ACCD@staff.uni-marburg.de>

Hi all,

while wondering about missing ulimits for an interactive sessionscheduled by SGE (SUN GridEngine) to a node in a cluster running onDebian (which is working fine with other Linux distributions), I alsofound, that each user can increase his limits again by a simple su tohis own account:


$ ulimit -t 55
$ ulimit -aH
...
cpu time             (seconds, -t) 55
...
$ su - reuti
Password:
$ ulimit -aH
...
cpu time             (seconds, -t) unlimited
...

Digging around I finally found this:

--- pam-0.76.orig/debian/patches-applied/
027_pam_limits_better_init_allow_explicit_root
+++ pam-0.76/debian/patches-applied/
027_pam_limits_better_init_allow_explicit_root
@@ -0,0 +1,100 @@
+Allow explicit limits for root.
+Also, remove limits on su.
+Index: Linux-PAM/modules/pam_limits/pam_limits.c

Seems, that I can get the desired behavior by changing this back. Butmore interesting is the question: why was this patch applied topam_ulimits.c in Debian? What is the advantage of allowing a user tocircumvent any imposed limits?


Cheers - Reuti

Reply to:

Follow-Ups:
- Re: Reset of limits with su / new session
  - From: Loïc Minier <lool+debian@via.ecp.fr>

Prev by Date: Re: [ad-hominem construct deleted]
Next by Date: Re: making more packages binary NMU safe
Previous by thread: Re: when and why did python(-minimal) become essential?
Next by thread: Re: Reset of limits with su / new session
Index(es):
- Date
- Thread