[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Reset of limits with su / new session

Hi all,

while wondering about missing ulimits for an interactive session scheduled by SGE (SUN GridEngine) to a node in a cluster running on Debian (which is working fine with other Linux distributions), I also found, that each user can increase his limits again by a simple su to his own account:

$ ulimit -t 55
$ ulimit -aH
cpu time             (seconds, -t) 55
$ su - reuti
$ ulimit -aH
cpu time             (seconds, -t) unlimited

Digging around I finally found this:

--- pam-0.76.orig/debian/patches-applied/
+++ pam-0.76/debian/patches-applied/
@@ -0,0 +1,100 @@
+Allow explicit limits for root.
+Also, remove limits on su.
+Index: Linux-PAM/modules/pam_limits/pam_limits.c

Seems, that I can get the desired behavior by changing this back. But more interesting is the question: why was this patch applied to pam_ulimits.c in Debian? What is the advantage of allowing a user to circumvent any imposed limits?

Cheers - Reuti

Reply to: