[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_limits broken in CVS...



On Thu, Mar 14, 2002 at 08:44:04PM +0100, Jan Rekorajski wrote:
> I want to congratulate the person who b0rken maxlogins
> limit in pam_limits (Nalin?).
> Try this:
> 
> *               hard    maxlogins       2
> 
> and see how many users will be able to login. This is _not_ desired
> behaviour.

Actually, you're pointing out a bigger problem with pam_limits -- large
chunks of its behavior are poorly defined, or completely undefined.

For example, look at this configuration line:
@users		hard	maxlogins	20

Does the sysadmin want to limit each member of the group to 20 logins
each (where members bob and joe can log in 20 times each), or limit the
number of logins by all members of the group at the same time (allowing
bob to only log in 5 times if joe is already logged in 15 times)?

I've stared at pam_limits for lengthy periods of time, and I have no idea
what the module's supposed to do here.  How about this:

@users		hard	maxlogins	10
@admins		hard	maxlogins	20

If you have a user who is in both groups, what's supposed to happen?

If a patch I submitted to the SourceForge tree or added to Red Hat's
package changed it to work in a way you don't like, then I'm sorry for
the inconvenience it's caused you, but I'm glad you found it before it
went out in an official release.

Cheers,

Nalin





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []