Hello,
Quick and dirty solution : you can edit the
files that refer to pam_limits.so in your /etc/pam.d/
Generally, system-auth is concerned. You simply have to comment the line
that refers to pam_limits
#session required pam_limits.so
The cause of the problem is that pam_limits try to set limits that are
already sets _outside_ of the guest.
If you want to play with the limits sets, you can modifiy
/etc/security/limits.conf of the guest...
[ All this was tested on a Mandriva guest but it sould be similar for
other systems ]
Ben
Nikolay Kichukov a écrit :
Hello everybody,
I found out in thread
http://list.linux-vserver.org/archive/vserver/msg10043.html that
Thorsten Gunkel was having the same issue I experience right now with
pam limits generating a lot of error output in the auth.log file on the
guest.
/var/log/auth.log :
snip...
Jun 15 14:09:01 vn pam_limits[20957]: setrlimit limit #12 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:09:01 vn CRON[20957]: (pam_unix) session closed for user root
Jun 15 14:10:01 vn CRON[20973]: (pam_unix) session opened for user
venkas by (uid=0)
Jun 15 14:10:01 vn pam_limits[20973]: setrlimit limit #6 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20973]: setrlimit limit #8 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20973]: setrlimit limit #11 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20973]: setrlimit limit #12 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn CRON[20975]: (pam_unix) session opened for user
venkas by (uid=0)
Jun 15 14:10:01 vn pam_limits[20975]: setrlimit limit #6 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20975]: setrlimit limit #8 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20975]: setrlimit limit #11 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20975]: setrlimit limit #12 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn CRON[20977]: (pam_unix) session opened for user
venkas by (uid=0)
Jun 15 14:10:01 vn CRON[20978]: (pam_unix) session opened for user
psycho by (uid=0)
Jun 15 14:10:01 vn CRON[20981]: (pam_unix) session opened for user
o2crew by (uid=0)
Jun 15 14:10:01 vn CRON[20982]: (pam_unix) session opened for user
o2crew by (uid=0)
Jun 15 14:10:01 vn CRON[20979]: (pam_unix) session opened for user
o2crew by (uid=0)
Jun 15 14:10:01 vn pam_limits[20977]: setrlimit limit #6 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20978]: setrlimit limit #6 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn CRON[20975]: (pam_unix) session closed for user venkas
Jun 15 14:10:01 vn pam_limits[20981]: setrlimit limit #6 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20982]: setrlimit limit #6 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20979]: setrlimit limit #6 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20977]: setrlimit limit #8 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn CRON[20973]: (pam_unix) session closed for user venkas
Jun 15 14:10:01 vn pam_limits[20978]: setrlimit limit #8 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20981]: setrlimit limit #8 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20982]: setrlimit limit #8 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20979]: setrlimit limit #8 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20977]: setrlimit limit #11 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20978]: setrlimit limit #11 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20981]: setrlimit limit #11 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20982]: setrlimit limit #11 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20979]: setrlimit limit #11 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20977]: setrlimit limit #12 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20978]: setrlimit limit #12 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20981]: setrlimit limit #12 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20982]: setrlimit limit #12 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
Jun 15 14:10:01 vn pam_limits[20979]: setrlimit limit #12 to soft=-1,
hard=-1 failed: Operation not permitted; uid=0 euid=0
snip...
I am running:
Versions:
Kernel: 2.6.16.11-vs2.1.1-rc19nevir
VS-API: 0x000100ff
util-vserver: 0.30.210; Jun 8 2006, 11:16:27
Features:
CC: gcc, gcc (GCC) 4.0.3 (Debian 4.0.3-1)
CXX: g++, g++ (GCC) 4.0.3 (Debian 4.0.3-1)
CPPFLAGS: ''
CFLAGS: '-g -O2 -std=c99 -Wall -pedantic -W
-funit-at-a-time'
CXXFLAGS: '-g -O2 -ansi -Wall -pedantic -W
-fmessage-length=0 -funit-at-a-time'
build/host: i686-pc-linux-gnu/i686-pc-linux-gnu
Use dietlibc: yes
Build C++ programs: yes
Build C99 programs: yes
Available APIs: compat,v11,fscompat,v13,net,oldproc,olduts
ext2fs Source: e2fsprogs
syscall(2) invocation: alternative
vserver(2) syscall#: 273/glibc
Paths:
prefix: /usr/local
sysconf-Directory: /etc
cfg-Directory: /etc/vservers
initrd-Directory: $(sysconfdir)/init.d
pkgstate-Directory: ${prefix}/var/run/vservers
vserver-Rootdir: /var/lib/vservers/
How can this problem be solved?
Regards,
-Nikolay Kichukov
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
--
Benoit des Ligneris Ph. D.
President de Revolution Linux http://www.revolutionlinux.com/
OSCAR http://oscar.openclustergroup.org/
EduLinux http://www.edulinux.org/
Toutes les opinions et les prises de position exprimées dans ce courriel
sont celles de son auteur et ne répresentent pas nécessairement celles
de Révolution Linux
Any views and opinions expressed in this email are solely those of the
author and do not necessarily represent those of Revolution Linux
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver