Re: [Debian 7] my custom nofile limits.conf setting doesnt work with sudo.
Hi.
On Tue, Feb 04, 2014 at 12:08:27PM +0100, Stefan Eriksson wrote:
> on a side not, this works ok, but it doesnt help me as I need the
> sudo command to see the correct limits aswell.
Wheezy's version of /etc/pam.d/sudo lacks this line:
session required pam_limits.so
So, every time you use sudo - you keep shell limits from the original
session.
> > debian6:/# egrep -r pam_limits /etc/pam.d/
> > /etc/pam.d/sshd:session required pam_limits.so
> > /etc/pam.d/cron:session required pam_limits.so
> > /etc/pam.d/su:session required pam_limits.so
> > /etc/pam.d/login:session required pam_limits.so
> > /etc/pam.d/sudo:session required pam_limits.so
And, as you can see above, squeeze's version of /etc/pam.d/sudo has
pam_limits.so.
> anyone seen this issue before or know if there is an added security
> option one has to active in wheezy?
I just add pam_limits.so to /etc/pam.d/sudo during upgrade to wheezy.
Reco
Reply to: