/etc/security/limits.conf not loaded on boot

Please find below bug report.

What is done:

sudo mkdir -p /etc/security/
sudo vi /etc/security/limits.conf
  user1 - priority -20
  user2 - priority -20
  user3 - priority -20

(file properly saved)

sudo reboot

[user1@CLR] $ nice
0

Expected:

[user1@CLR] $ nice
-20

Please kindly implement expected behaviour.
@ahkok

How did you login? did you login from the console? remotely over ssh?

[user1@CLR] $ nice

I don’t recognize this prompt format

I’m investigating this issue, may move it to our external github issue tracker.

Short answer: this is working as intended - manual steps are needed to make this work.

This isn’t a bug. By default pam_limits isn’t enabled for console logins and several other ways to switch user.

I’ve researched several other distributions and I don’t see this done differently in other distro’s (maybe there are some, but it appears at least that this isn’t standard).

The reason is pam_limits isn’t included in su or login or common-auth pam files. You can still manually set this up:

  • copy common-auth, su and maybe others from /usr/share/pam.d to /etc/pam.d
  • Modify it and add session required pam_limits.so to the relevant ones
  • create your /etc/security/limits.conf file as needed
1 Like

@ahkok thank you very much. will give comments to both of your posts.

  1. I am logging in via ssh and via HP Integrated Remote Console.
  2. Thank you for checking the other distros and giving the guideline on how to try to make this work.
    Still it did not work.

What I did:
ssh login,

  1. copied common-auth , su and sshd from /usr/share/pam.d to /etc/pam.d
  2. added session required pam_limits.so to three files above
  3. created /etc/security/limits.conf
  4. reboot, log in via ssh.
    nice is still 0 instead of -20 (as in limits.conf for this user).

What exact files have to be copied to /etc/pam.d? If required I can send you all the files I created, etc.

For ssh you need to copy and modify /usr/share/pam.d/common-session.

If that last step also doesn’t work, there is another bug happening and we’ll need to delve even deeper.

Did the last step, still no success.

  1. copied common-session from /usr/share/pam.d to /etc/pam.d
  2. added session required pam_limits.so to the file above
  3. reboot, log in via ssh.
    nice is still 0 instead of -20 (as in limits.conf for this user).

I’m working on a fix for this…

2 Likes