[Bug 1691847] Re: * <type> <limit> <value> broken

Thu May 18 20:23:48 UTC 2017

The attachment "Add to parser system the fix" seems to be a patch.  If
it isn't, please remove the "patch" flag from the attachment, remove the
"patch" tag, and if you are a member of the ~ubuntu-reviewers,
unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by
~brian-murray, for any issues please contact him.]

** Tags added: patch

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1691847

Title:
  * <type> <limit> <value> broken

Status in pam package in Ubuntu:
  New

Bug description:
  I identified a bug in the pam_limits.c source code for Ubuntu
  16.04LTS, as follows:

  It appears that I managed to modify/"fix" the '*' unlimited memlock
  error in pam_limits.c.

  After compiling and running the modified code with the
  /etc/security/limits.conf line of '*   -    memlock  unlimited', I am
  getting my user limits setting as 'ulimit -l unlimited'.

  After studying the code more carefully, I found that the C function,
  parse _config_file was first gathering the domain entry for the
  user/group/everyone in an sscanf function.  Using the domain result, a
  second function was called from within a loop, parse_uid_range.  A
  range_type value, an integer reflecting the set range of users was to
  be returned to the parse_config_file function.  However, in the case
  of '*' (Kleene star), no range_type was ever returned.  Further down
  in parse_config_file, the range_type was checked for a
  LIMIT_RANGE_NONE value and '*' (the Kleene star).  Because range_type
  did not hold the LIMIT_RANGE_NONE value, the process_limit function
  call was never made for '*' and instead a line break occurred that by-
  passed the execution of putting in universal limits.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1691847/+subscriptions