Citeren Alain Fauconnet <[EMAIL PROTECTED]>: > On Fri, Apr 21, 2006 at 10:34:07AM +0200, Ariën Huisken wrote: >> > Hmmm... I use it with success on a web hosting box that has >> > this line in /etc/security/limits.conf: >> > >> > @webmastr - maxlogins 2 >> > >> > "webmastr" is an /etc/group entry. Works for me (for SSH connections >> > and logins on the physical console, tested). I use TSL 2.2. >> > >> > I'd try replacing "hard" by "-" first, because "hard" doesn't apply >> > for a login limit. >> > Don't think that the "*" vs. "@group" would change a thing... >> >> I's not working, I tried: >> >> * - maxlogins 1 >> >> Could still log in more than once and nothing shows up in the logs :( >> Tested with a standard user, not root. > > Hmmm... you do have that line: > session required /lib/security/pam_limits.so > in /etc/pam.d/login and /etc/pam.d/system-auth, don't you? > > Is this Trustix 2.2? > > Would you post your /etc/security/limits.conf please?
[EMAIL PROTECTED] /# cat /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so password required /lib/security/pam_cracklib.so retry=3 type= password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow password required /lib/security/pam_deny.so session required /lib/security/pam_limits.so session required /lib/security/pam_unix.so [EMAIL PROTECTED] /# [EMAIL PROTECTED] /# cat /etc/pam.d/login #%PAM-1.0 auth requisite /lib/security/pam_securetty.so auth required /lib/security/pam_nologin.so auth required /lib/security/pam_pwdb.so account required /lib/security/pam_access.so account required /lib/security/pam_pwdb.so session required /lib/security/pam_motd.so session required /lib/security/pam_limits.so session required /lib/security/pam_pwdb.so [EMAIL PROTECTED] /# [EMAIL PROTECTED] /# cat /etc/security/limits.conf # /etc/security/limits.conf # #Each line describes a limit for a user in the form: # #<domain> <type> <item> <value> # #Where: #<domain> can be: # - an user name # - a group name, with @group syntax # - the wildcard *, for default entry # - the wildcard %, can be also used with %group syntax, # for maxlogin limit # #<type> can have the two values: # - "soft" for enforcing the soft limits # - "hard" for enforcing hard limits # #<item> can be one of the following: # - core - limits the core file size (KB) # - data - max data size (KB) # - fsize - maximum filesize (KB) # - memlock - max locked-in-memory address space (KB) # - nofile - max number of open files # - rss - max resident set size (KB) # - stack - max stack size (KB) # - cpu - max CPU time (MIN) # - nproc - max number of processes # - as - address space limit # - maxlogins - max number of logins for this user # - priority - the priority to run user process with # - locks - max number of file locks the user can hold # #<domain> <type> <item> <value> # #* soft core 0 #* hard rss 10000 [EMAIL PROTECTED] hard nproc 20 [EMAIL PROTECTED] soft nproc 20 [EMAIL PROTECTED] hard nproc 50 #ftp hard nproc 0 [EMAIL PROTECTED] - maxlogins 4 * - maxlogins 1 # End of file -- Ariën Huisken _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
