[lxc-users] oracle linux 7 in LXC: ulimit problem for root
Tamas Papp
tompos at martos.bme.hu
Wed Nov 25 18:04:26 UTC 2015
On 11/25/2015 04:54 PM, Harald Dunkel wrote:
> On 11/25/2015 02:27 PM, Tamas Papp wrote:
>>
>> On 11/25/2015 02:07 PM, Harald Dunkel wrote:
>>> On 11/25/2015 12:33 PM, Tamas Papp wrote:
>>>> Check out /etc/security/limits.d/ too.
>>>>
>>> Very helpful hint, but there is just a file
>>> 20-nproc.conf. Its all commented out:
>>>
>>> #* soft nproc 4096
>>> #root soft nproc unlimited
>>>
>>>
>> Why are you sure, that it's something about the limits?
>> What do you see actually?
>>
> Very easy: Using
>
> #* hard nofile 65536
>
> in limits.conf I can login as root via ssh. With
>
> * hard nofile 65536
>
> ssh logins as root don't work. Sample session:
>
> # ssh lxc1
> Last login: Wed Nov 25 11:00:21 2015 from linux.example.com
> Connection to lxc1 closed.
> #
>
> The system log shows
>
> Nov 25 11:08:58 lxc1.example.com sshd[186]: pam_limits(sshd:session): Could not set limit for 'nofile': Operation not permitted
> Nov 25 11:08:58 lxc1.example.com sshd[186]: pam_unix(sshd:session): session opened for user root by (uid=0)
> Nov 25 11:08:58 lxc1.example.com sshd[186]: error: PAM: pam_open_session(): Permission denied
>
> The documentation for limits.conf states clearly that a wildcard
> construct like
>
> * hard nofile 65536
>
> does *not* apply to root. IMHO it shouldn't fail.
Now I understand, what your problem is. I thought, you're still not able
to login.
Yes, it's a known issue. There are other similar limitations too:)
t
More information about the lxc-users
mailing list