[Bug 1691847] Re: * <type> <limit> <value> broken
Brian Murray
brian at ubuntu.com
Fri May 19 15:53:00 UTC 2017
This looks like it may still be an issue in the pam from artful
(1.1.8-3.2ubuntu3). Would you mind taking this to the upstream pam
developers?
** Tags added: xenial
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1691847
Title:
* <type> <limit> <value> broken
Status in pam package in Ubuntu:
New
Bug description:
I identified a bug in the pam_limits.c source code for Ubuntu
16.04LTS, as follows:
It appears that I managed to modify/"fix" the '*' unlimited memlock
error in pam_limits.c.
After compiling and running the modified code with the
/etc/security/limits.conf line of '* - memlock unlimited', I am
getting my user limits setting as 'ulimit -l unlimited'.
After studying the code more carefully, I found that the C function,
parse _config_file was first gathering the domain entry for the
user/group/everyone in an sscanf function. Using the domain result, a
second function was called from within a loop, parse_uid_range. A
range_type value, an integer reflecting the set range of users was to
be returned to the parse_config_file function. However, in the case
of '*' (Kleene star), no range_type was ever returned. Further down
in parse_config_file, the range_type was checked for a
LIMIT_RANGE_NONE value and '*' (the Kleene star). Because range_type
did not hold the LIMIT_RANGE_NONE value, the process_limit function
call was never made for '*' and instead a line break occurred that by-
passed the execution of putting in universal limits.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1691847/+subscriptions
More information about the foundations-bugs
mailing list