On Thu, 2011-03-31 at 15:16 -0700, Kees Cook wrote:
Since the kernel sets a number of dynamic rlimits based on the
system
properties (e.g. physical memory for nproc), these rlimits should be
respected by PAM. Parse /proc/1/limits for the kernel-defined rlimits.
Please provide a better rationale for the patch. The pam_limits module
will not change any limits that are not set in the configuration file.
And for the limits that are set there, the value in the configuration
file should be respected. If I understand your patch correctly, you
basically want to reset the limit to the values set on the init process.
This definitely should not be a default behavior.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb