Re: [Debian 7] my custom nofile limits.conf setting doesnt work with sudo.

To: debian-user@lists.debian.org
Subject: Re: [Debian 7] my custom nofile limits.conf setting doesnt work with sudo.
From: Reco <recoverym4n@gmail.com>
Date: Tue, 4 Feb 2014 15:50:53 +0400
Message-id: <20140204115052.GA25051@x101h>
In-reply-to: <52F0CA2B.40608@glesys.se>
References: <52F0CA2B.40608@glesys.se>

Hi.

On Tue, Feb 04, 2014 at 12:08:27PM +0100, Stefan Eriksson wrote:
> on a side not, this works ok, but it doesnt help me as I need the
> sudo command to see the correct limits aswell.

Wheezy's version of /etc/pam.d/sudo lacks this line:

session    required   pam_limits.so

So, every time you use sudo - you keep shell limits from the original
session.

> > debian6:/# egrep -r pam_limits /etc/pam.d/
> > /etc/pam.d/sshd:session    required     pam_limits.so
> > /etc/pam.d/cron:session    required   pam_limits.so
> > /etc/pam.d/su:session    required   pam_limits.so
> > /etc/pam.d/login:session    required   pam_limits.so
> > /etc/pam.d/sudo:session required pam_limits.so

And, as you can see above, squeeze's version of /etc/pam.d/sudo has
pam_limits.so.

> anyone seen this issue before or know if there is an added security
> option one has to active in wheezy?

I just add pam_limits.so to /etc/pam.d/sudo during upgrade to wheezy.

Reco

Reply to:

Follow-Ups:
- Re: [Debian 7] my custom nofile limits.conf setting doesnt work with sudo.
  - From: Stefan Eriksson <stefan@glesys.se>

References:
- [Debian 7] my custom nofile limits.conf setting doesnt work with sudo.
  - From: Stefan Eriksson <stefan@glesys.se>

Prev by Date: [Debian 7] my custom nofile limits.conf setting doesnt work with sudo.
Next by Date: How to do proper PAM modul configuration? (was: Testing: Warning messages from su within cron)
Previous by thread: [Debian 7] my custom nofile limits.conf setting doesnt work with sudo.
Next by thread: Re: [Debian 7] my custom nofile limits.conf setting doesnt work with sudo.
Index(es):
- Date
- Thread