View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0007723 | Rocky-Linux-9 | bash | public | 2024-08-28 13:55 | 2024-08-29 15:51 |
| Reporter | Jeffrey Pinard | Assigned To | Louis Abel | ||
| Priority | high | Severity | major | Reproducibility | always |
| Status | closed | Resolution | not fixable | ||
| Platform | Linux | OS | Rocky | OS Version | 9 |
| Summary | 0007723: Ulimit in Rocky 9 not returning same value vs RedHat 9 after ssh to box | ||||
| Description | I’ve setup a user in both Rocky 9.4 and RHEL 9.4. In /etc/security/limits.d/99-myuser.conf I added: username - nofile 65536 No limits.conf or file in limits.d/*.conf has nofile defined… When I su - username, ulimit -Sa and -Ha both show the correct soft/hard limit for nofile. But when I ssh into the box as username, the -Sa/-Ha no longer reflect the correct soft/hard limit for nofile setting. Goes back to 1024 and 524288. I did a strace on the ulimit call via ssh call. RedHat 9 shows this, which correctly reflects the 65536… prlimit64(0, RLIMIT_NOFILE, NULL, {rlim_cur=641024, rlim_max=641024}) = 0 But Rocky 9 shows this, which reflects the 1024… prlimit64(0, RLIMIT_NOFILE, NULL, {rlim_cur=1024, rlim_max=512*1024}) = 0 I’ve compared the sshd_config, pam.d configs between the two and no differences that would explain the soft limit. I know I can use systemd.conf to set LIMITNoFILE but only want to set for 1 user, not all users. Any idea what is going wrong? What config file to check?? Thank you. | ||||
| Steps To Reproduce | In /etc/security/limits.d/99-myuser.conf I added: username - nofile 65536 become username via "su - username", and run: ulimit -Sn and -Hn shows 65536 Now ssh from somewhere else into same box as username. then run: ulimit -Sn and ulimit -Hn and they reflect 1024 and 524288 | ||||
| Tags | No tags attached. | ||||
 |
Sorry, this seems to be caused by not using UsePAM yes in sshd_config. Once I added UsePAM yes to sshd, and restarted sshd, the ulimits were correctly applied to the username I set up. Can close the defect. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-08-28 13:55 | Jeffrey Pinard | New Issue | |
| 2024-08-29 15:50 | Jeffrey Pinard | Note Added: 0008292 | |
| 2024-08-29 15:51 | Louis Abel | Assigned To | => Louis Abel |
| 2024-08-29 15:51 | Louis Abel | Status | new => closed |
| 2024-08-29 15:51 | Louis Abel | Resolution | open => not fixable |
