[Pkg-shadow-devel] Bug#310185: login: If I want to use "su" then I allways get "su: permission denied"
Nicolas François
Nicolas François <nicolas.francois@centraliens.net>, 310185@bugs.debian.org
Sun, 22 May 2005 19:22:18 +0200
Hello Martin,
On Sun, May 22, 2005 at 06:37:30PM +0200, Martin Wodrich wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Roger Leigh schrieb:
>
> >>> This is my new version (comments removed):
> >>> auth sufficient pam_rootok.so
> >>> @include common-auth
> >>> @include common-account
> >>> @include common-session
> >>> session optional pam_limits.so
> > That looks fine.
>
> That the version after I can fix the su-Problem
> myself. Befor the fix the last line was:
>
> session required pam_limits.so
You can maybe keep pam_limits "required" if you tune
/etc/security/limits.conf.
You should have something like:
pam_limits[...]:setrlimit limit #... failed: Operation not permitted;...
in your vserver logs
On a vserver, you may not be able to set an unlimited limit (-1 value),
which may be the failure cause (looking on google, it seems that on a
vserver, you can limit NPROC and RSS; pam_limit may not be able to set
limits higher than these values).
Failures on setting NPROC limit should display:
pam_limits[...]:setrlimit limit #6 to soft=-1, hard=-1 ...
Failures on setting RSS limit should display:
pam_limits[...]:setrlimit limit #5 to soft=-1, hard=-1 ...
Kind Regards,
--
Nekral