[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: recent update to pam causing non-root ssh logins to fail?



Why don't you do a test without those changes in /etc/security/limits?

	-----Original Message----- 
	From: pam-list-bounces redhat com on behalf of Robert P. J. Day 
	Sent: Thu 11/25/2004 8:20 PM 
	To: Pluggable Authentication Modules 
	Cc: 
	Subject: Re: recent update to pam causing non-root ssh logins to fail?
	
	

	On Thu, 25 Nov 2004, Tomas Mraz wrote:
	
	> On Thu, 2004-11-25 at 06:53 -0500, Robert P. J. Day wrote:
	> >   recently, my fedora core 2 system started rejecting ssh logins to my
	> > non-root account on that system.  if, from a remote system, i ssh to
	> > root, no problem.  if i ssh to my regular account, the connection is
	> > closed.
	
	> >  account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100
	
	> This isn't the culprit.
	
	i'm willing to believe it's not the actual culprit but, as i read it
	(not being a PAM expert), it certainly allows uid < 100 logins.
	what seems to be missing is some additional rules that still allow uid
	greater than 100 logins, right?
	
	> > which clearly is what allows me to ssh in as root, but not as me.
	> > should i simply change that value?  or is there a cleaner way to
	> > do this?  thanks.
	
	> Have you possibly changed something in /etc/security/limits.conf
	> file recently? What is it's contents?
	
	yes.  i added some content to support oracle 10g.  here are the
	*total* non-commented contents of the limits.conf file:
	
	*               soft    nproc   2047
	*               hard    nproc   16384
	*               soft    nofile  1024
	*               hard    nofile  65536
	
	it doesn't *look* like any of those should cause a problem.  more
	thoughts?
	
	rday
	
	_______________________________________________
	Pam-list mailing list
	Pam-list redhat com
	https://www.redhat.com/mailman/listinfo/pam-list
	

<<winmail.dat>>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]