Ubuntu
pam package

should load kernel rlimits instead of hardcoding internal defaults

Bug #746655 reported by Kees Cook on 2011-03-31

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	pam (Ubuntu)	Fix Released	Medium	Kees Cook

Bug Description

Since the kernel sets a number of dynamic rlimits based on the system properities (e.g. physical memory for nproc), these rlimits should be respected by PAM. Parse /proc/1/limits for the kernel-defined rlimits.

E.g. see bug 391761.

Tags:

Related branches

lp:debian/pam

Revision history for this message

Kees Cook (kees) wrote on 2011-03-31:

pam_1.1.2-2ubuntu7~kees1.debdiff Edit (8.1 KiB, text/plain)

Here is a first-pass at the kernel rlimit parser...

Changed in pam (Ubuntu):
assignee:	nobody → Kees Cook (kees)
importance:	Undecided → Low
status:	New → Fix Committed
tags:	added: patch
Changed in pam (Ubuntu):
importance:	Low → Medium

Revision history for this message

Kees Cook (kees) wrote on 2011-03-31:

https://fedorahosted.org/pipermail/pam-developers/2011-March/000017.html

Revision history for this message

Steve Langasek (vorlon) wrote on 2011-06-04:

Fixed in oneiric with the merge of pam 1.1.2-3. Changelog entry:

pam (1.1.2-3) unstable; urgency=low

  [ Kees Cook ]
  * 027_pam_limits_better_init_allow_explicit_root: load rlimit defaults
    from the kernel (via /proc/1/limits), instead of continuing to hardcode
    the settings internally. Fall back to internal defaults when the kernel
    rlimits are not found. Closes: #620302. (LP: #746655, #391761)

  * Updated debconf translations:
    - Vietnamese, thanks to Clytie Siddall <email address hidden>
      (closes: #601197)
    - Dutch, thanks to Eric Spreen <email address hidden> (closes: #605592)
    - Danish, thanks to Joe Dalton <email address hidden> (closes: #606739)
    - Catalan, thanks to Innocent De Marchi <email address hidden>
      (closes: #622786)