[lxc-users] oracle linux 7 in LXC: ulimit problem for root
Harald Dunkel
harald.dunkel at aixigo.de
Wed Nov 25 15:54:13 UTC 2015
On 11/25/2015 02:27 PM, Tamas Papp wrote:
>
>
> On 11/25/2015 02:07 PM, Harald Dunkel wrote:
>> On 11/25/2015 12:33 PM, Tamas Papp wrote:
>>> Check out /etc/security/limits.d/ too.
>>>
>> Very helpful hint, but there is just a file
>> 20-nproc.conf. Its all commented out:
>>
>> #* soft nproc 4096
>> #root soft nproc unlimited
>>
>>
>
> Why are you sure, that it's something about the limits?
> What do you see actually?
>
Very easy: Using
#* hard nofile 65536
in limits.conf I can login as root via ssh. With
* hard nofile 65536
ssh logins as root don't work. Sample session:
# ssh lxc1
Last login: Wed Nov 25 11:00:21 2015 from linux.example.com
Connection to lxc1 closed.
#
The system log shows
Nov 25 11:08:58 lxc1.example.com sshd[186]: pam_limits(sshd:session): Could not set limit for 'nofile': Operation not permitted
Nov 25 11:08:58 lxc1.example.com sshd[186]: pam_unix(sshd:session): session opened for user root by (uid=0)
Nov 25 11:08:58 lxc1.example.com sshd[186]: error: PAM: pam_open_session(): Permission denied
The documentation for limits.conf states clearly that a wildcard
construct like
* hard nofile 65536
does *not* apply to root. IMHO it shouldn't fail.
:-{
Harri
More information about the lxc-users
mailing list