[ale] sshd and PAM
Chris Ricker
kaboom at gatech.edu
Thu Nov 20 09:36:05 EST 2003
On Wed, 19 Nov 2003, Joe Bayes wrote:
> Wouldn't the
> password required pam_stack.so service=system-auth
> line also get replaced by all the "password" lines in
> /etc/pam.d/system-auth as well? (In this case, it would be ignored, right?)
Yes. I wasn't paying attention when I made those, and forgot to include
some password stuff in the system-auth file. Sorry about that ;-)
> >If you post /etc/pam.d/system-auth in addition to the /etc/pam.d/sshd, then
> >we can piece them together and figure it out....
>
> Okay, get this. /etc/pam.d/system-auth contains the following two
> "session" lines:
> session required /lib/security/$ISA/pam_limits.so
> session required /lib/security/$ISA/pam_unix.so
>
> /etc/security/limits.conf contains a bunch of comments, and
> * soft core 50000
> * hard core 100000
>
> When I comment out the "hard" line, I can ssh in. When I don't, I
> can't. Isn't that line just supposed to limit the size of a core dump
> to 100K? I played with the size of the limit, and it still prevents me
> from logging in with the limit at 1 or 100000, but at 0 (which iirc
> means "unlimited") I can log in.
>
> Anyways, I can just comment out the line and problem solved, so thanks
> for your help. This is something that *should* work, though, right? If
> so, and if somebody can confirm it on their system, I'll submit a bug
> report.
That should work, and it does work on the laptop I'm on right now. Weird.
later,
chris
More information about the Ale
mailing list