On 03/05/2011 11:10 PM, Milan Zamazal wrote: > I've found where the problem originates: > > The "Permission denied" message is caused by the error code returned > from pam_open_session call in /bin/login. When I commented out the > following line in /etc/pam.d/login, the problem disappeared: > > session required pam_limits.so > > This is weird as I can't see any reason why this should fail. So I > debugged the pam_limit module and found it returns failure because of > the following call: > > status = setpriority(PRIO_PROCESS, 0, pl->priority); > > where pl->priority is 0. > > I commented out the following line in the container configuration > > lxc.cap.drop = sys_nice > > and now I can log in even with pam_limits enabled. > > Considering the fact the problem appears somewhat irregularly as I've > described in my previous posts, I guess there must be a bug somewhere, > otherwise it makes no sense to me. > > What do you think?
Hi Milan, Nice analysis. Sorry for the dumb question but are you sure the 'setpriority' call is done when the login succeed ? ------------------------------------------------------------------------------ What You Don't Know About Data Connectivity CAN Hurt You This paper provides an overview of data connectivity, details its effect on application quality, and explores various alternative solutions. http://p.sf.net/sfu/progress-d2d _______________________________________________ Lxc-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/lxc-users
