OpenSSH-1.2.3: More info on ulimit problem
Jim Knoble
jmknoble at pobox.com
Thu Mar 30 21:23:57 EST 2000
På 2000-Mar-29 klokka 01:26:32 -0500 skrivet Jim Knoble:
: The ulimit problem appears to have reared its head again with
: openssh-1.2.3, under Red Hat Linux 6.1 (kernel-2.2.12, glibc-2.1.2,
: egcs-1.1.2, openssl-0.9.5, pam-0.68, pwdb-0.60):
[...]
: $ ssh localhost
: Last login: Wed Mar 29 01:10:36 2000 from quipu.earth
: You have mail.
: ulimit: cannot raise limit: Operation not permitted
: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Further info: openssh-1.2.3 appears to be ignoring /etc/pam.d/sshd.
The following pam file ought not to allow me to login via ssh:
#%PAM-1.0
auth required /lib/security/pam_deny.so
account required /lib/security/pam_deny.so
password required /lib/security/pam_deny.so
session required /lib/security/pam_deny.so
Yet, i can still log in as though nothing were wrong. sshd appears to
be linked against the PAM libs:
# ldd /usr/sbin/sshd
libdl.so.2 => /lib/libdl.so.2 (0x40018000)
libnsl.so.1 => /lib/libnsl.so.1 (0x4001c000)
libz.so.1 => /usr/lib/libz.so.1 (0x40032000)
libutil.so.1 => /lib/libutil.so.1 (0x40041000)
libpam.so.0 => /lib/libpam.so.0 (0x40044000)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
libcrypto.so.0 => /usr/lib/libcrypto.so.0 (0x4004c000)
libc.so.6 => /lib/libc.so.6 (0x400fd000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
And i'm certain i didn't build with '--without-pam':
$ grep -B 2 -A 7 '\./configure' openssh.jmk.spec
%build
CFLAGS="${RPM_OPT_FLAGS}" \
./configure \
--prefix="%{Prefix}" \
--sysconfdir="%{EtcDir}" \
--with-ipv4-default \
--with-tcp-wrappers \
--with-default-path="/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin"
make
I'm mystified. Damien, can you confirm whether anything similar to
this is happening for you under RHL-6.1?
--
jim knoble
jmknoble at pobox.com
More information about the openssh-unix-dev
mailing list