[systemd-devel] systemd user instance and raising limits
Jeff Solomon
jsolomon8080 at gmail.com
Mon Nov 20 17:47:37 UTC 2017
I guess the answer is "no." :)
This is Ubuntu 16.04. On CentOS7.3, pam_limits is part of systemd-user
through system-auth
Here is /etc/pam.d/systemd-user from my Ubuntu system:
# This file is part of systemd.
#
# Used by systemd --user instances.
@include common-account
session required pam_selinux.so close
session required pam_selinux.so nottys open
@include common-session-noninteractive
session optional pam_systemd.so
So on RHEL systems, it doesn't matter that is works because user instances
are officially not included and it just doesn't work on Ubuntu because
pam_limits is not used by systemd-user.
I find it odd that two major distros differ in this behavior.
On Mon, Nov 20, 2017 at 9:23 AM, Lennart Poettering <lennart at poettering.net>
wrote:
> On Mo, 20.11.17 09:20, Jeff Solomon (jsolomon8080 at gmail.com) wrote:
>
> > Lennart,
> >
> > Your explanation sounds great but it's just not what I'm seeing.
> >
> > My user at .service has "PAMName=systemd-user" in the [Service] section.
> >
> > I have setup limits for the user in /etc/security/limits.d/foo.conf.
> >
> > I have no other limit overrides in any other systemd file.
> >
> > Whether I reboot or "systemctl restart user@<uid>" I see the same thing.
> > That is, the limits set through pam_limits are not respected.
> >
> > I consistently see that if I login as that user, then "ulimit -a" shows
> the
> > values I expect from pam_limits while "cat /proc/<pid>/limits" for the
> user
> > instance process or its children do not.
>
> Is pam_limits even enabled for the "systemd-user" PAM fragment on your
> distro?
>
> Lennart
>
> --
> Lennart Poettering, Red Hat
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20171120/44dd9bb0/attachment.html>
More information about the systemd-devel
mailing list