Your message dated Sun, 1 Aug 2021 14:53:16 +0200
with message-id <[email protected]>
and subject line Re: Bug#641607: User limit 'open files' (and probably others)
does not work properly with sudo
has caused the Debian Bug report #641607,
regarding User limit 'open files' (and probably others) does not work properly
with sudo
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
641607: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641607
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sudo
Version: 1.7.4p4-2.squeeze.2
Severity: normal
The current behavior of sudo together with user limits is broken. It did work
properly on Lenny.
We run a Java/Tomcat app that needs lots of file descriptors. The app is
started by loggin in with a presonal user account,
'sudo'ing into an application account, then starting Tomcat.
/etc/security/limits.conf:
* hard nofile 64000
* soft nofile 64000
$ ssh host
dg@host:~$ ulimit -n
64000
So far so good.
dg@host:~$ sudo su - mn
[sudo] password for dg:
mn@host:~$ ulimit -n
1024
mn@host:~$ ulimit -n 64000
-su: ulimit: open files: cannot modify limit: Operation not permitted
As you can see, the 'open files' limit gets lost on the user change. This was
not the case with Lenny.
Workaround: Add this to /etc/security/limits.conf:
root hard nofile 64000
root soft nofile 64000
Now it works as it did on Lenny.
I have read in some other bug report that '*' in limits.conf does not apply to
'root' in Debian. This is not true for Lenny,
but that is the behavior on Squeeze. So I guess that the 'fix' for this
Debian-specific behaviour actually broke sudo...
(Sorry about the package, I don't know if it is a sudo bug or rather
pam-whatever)
Best regards,
David Gubler, Doodle AG
-- System Information:
Debian Release: 6.0.2
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.39-bpo.2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages sudo depends on:
ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib
ii libpam-modules 1.1.1-6.1 Pluggable Authentication Modules f
ii libpam0g 1.1.1-6.1 Pluggable Authentication Modules l
sudo recommends no packages.
sudo suggests no packages.
-- Configuration Files:
/etc/sudoers.d/README [Errno 13] Permission denied: u'/etc/sudoers.d/README'
-- no debconf information
--- End Message ---
--- Begin Message ---
On Mon, Feb 22, 2021 at 04:52:32PM +0100, Marc Haber wrote:
> If you don't reply, I plan to close this issue by the end of June 2021.
Closing this issue now.
Greetings
Marc
--- End Message ---
