PAM, LDAP and pam_mkhomedir
Nalin Dahyabhai
nalin at redhat.com
Thu Feb 19 20:10:00 UTC 2004
On Thu, Feb 19, 2004 at 08:36:24PM +0100, Matthias Saou wrote:
> Nalin Dahyabhai wrote :
> > SSHD is performing session setup as the user, not as root. This gets
> > flipflopped every now and again to try to make pam_limits work (which
> > can't be fixed 100% within the framework PAM provides, sigh).
>
> That figures. I guess I'm stuck wrt sshd and pam_mkhomedir then, and this
> also explains why my last attempts at making pam_limits works were equally
> unsuccessful.
I guess I should clarify that, if only for the archives. Some limits
(maximum number of processes) need to be set as the user (after sshd
drops privileges), and some (core limit, stack size, anything that
raises limits) need to be set as root (before sshd drops privileges).
This requires more flexibility than PAM can supply within a single call
to pam_open_session().
Cheers,
Nalin
More information about the test
mailing list