[ale] sshd and PAM

Chris Ricker kaboom at gatech.edu
Thu Nov 20 09:36:05 EST 2003


On Wed, 19 Nov 2003, Joe Bayes wrote:

> Wouldn't the 
> password   required     pam_stack.so service=system-auth
> line also get replaced by all the "password" lines in
> /etc/pam.d/system-auth as well? (In this case, it would be ignored, right?)

Yes. I wasn't paying attention when I made those, and forgot to include 
some password stuff in the system-auth file. Sorry about that ;-)

> >If you post /etc/pam.d/system-auth in addition to the /etc/pam.d/sshd, then 
> >we can piece them together and figure it out....
> 
> Okay, get this. /etc/pam.d/system-auth contains the following two
> "session" lines:
> session     required      /lib/security/$ISA/pam_limits.so
> session     required      /lib/security/$ISA/pam_unix.so
> 
> /etc/security/limits.conf contains a bunch of comments, and 
> *              soft    core            50000
> *              hard    core            100000
> 
> When I comment out the "hard" line, I can ssh in. When I don't, I
> can't. Isn't that line just supposed to limit the size of a core dump
> to 100K? I played with the size of the limit, and it still prevents me
> from logging in with the limit at 1 or 100000, but at 0 (which iirc
> means "unlimited") I can log in. 
> 
> Anyways, I can just comment out the line and problem solved, so thanks
> for your help. This is something that *should* work, though, right? If
> so, and if somebody can confirm it on their system, I'll submit a bug
> report.

That should work, and it does work on the laptop I'm on right now. Weird.

later,
chris



More information about the Ale mailing list