<![CDATA[Dev1 Galaxy Forum / pam warns about cedeing another feature to systemd by default]]> https://dev1galaxy.org/viewtopic.php?id=7056 Thu, 06 Feb 2025 01:41:21 +0000 FluxBB <![CDATA[Re: pam warns about cedeing another feature to systemd by default]]> https://dev1galaxy.org/viewtopic.php?pid=54395#p54395 yeh, "centralizing" those configs under /etc/security/limits.conf for the global limits config and having the per program limits configs at /etc/security/limits.d/*.conf is a good thing, it sorta kinda follows the logic of /etc/sysctl.d/*.conf configs and makes setting the limits and max map count as easy as just writing 2 files.

]]> Thu, 06 Feb 2025 01:41:21 +0000 https://dev1galaxy.org/viewtopic.php?pid=54395#p54395 <![CDATA[pam warns about cedeing another feature to systemd by default]]> https://dev1galaxy.org/viewtopic.php?pid=54393#p54393 I've just apt-get dist-upgrade'd my excalibur, and was told this:

pam (1.7.0-1) unstable; urgency=medium

    Starting with pam 1.7.0, pam_limits does not automatically reset the
    limits of logged in users. This means that systemd, rather than pam will
    set the defaults for things like number of open files and other resource
    limits. If limits are configured in /etc/security/limits.conf or
    /etc/security/limits.d/*.conf, these values will be respected. To
    restore the previous behavior, add the set_all option to pam_limits.
    For example in /etc/pam.d/ssh, replace:

    session    required     pam_limits.so

    with:

    session    required     pam_limits.so set_all

Are we aware of this change?

]]> Wed, 05 Feb 2025 23:28:29 +0000 https://dev1galaxy.org/viewtopic.php?pid=54393#p54393