misc/141840: OpenSSH allow raise resource limit via .login_conf
Andrey Zonov
andrey.zonov at gmail.com
Mon Dec 21 13:00:16 UTC 2009
>Number: 141840
>Category: misc
>Synopsis: OpenSSH allow raise resource limit via .login_conf
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Dec 21 13:00:14 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Andrey Zonov
>Release: 7.2-STABLE, 8.0-STABLE
>Organization:
>Environment:
FreeBSD x.xxx.ru 7.2-STABLE FreeBSD 7.2-STABLE #0 r198488:198490M: Mon Oct 26 17:57:34 MSK 2009 root at x.xxx.ru:/opt/obj/opt/usr/SVN/7/sys/kernel amd64
>Description:
Via OpenSSH and .cogin_conf may raise resource limit on 7.2-STABLE, 8.0-STABLE.
>How-To-Repeat:
1. Add new login class in /etc/login.conf
test:\
:cputime=1h:\
:tc=default:
2. Make db
# cap_mkdb /etc/login.conf
3. Change login class for your account
# pw usermod $login -L test
4. Connect via ssh to this host by $login and execute `limits -a'
$ limits -a
Resource limits (current):
cputime 3600 secs
filesize infinity kB
datasize 524288 kB
stacksize 65536 kB
coredumpsize infinity kB
memoryuse infinity kB
memorylocked infinity kB
maxprocesses 3603
openfiles 7207
sbsize infinity bytes
vmemoryuse infinity kB
pseudo-terminals infinity
swapuse infinity kB
5. Create ~/.login_conf
me:\
:cputime=2h:
6. Connect again to this host and execute `limits -a'
$ limits -a
Resource limits (current):
cputime 7200 secs
filesize infinity kB
datasize 524288 kB
stacksize 65536 kB
coredumpsize infinity kB
memoryuse infinity kB
memorylocked infinity kB
maxprocesses 3603
openfiles 7207
sbsize infinity bytes
vmemoryuse infinity kB
pseudo-terminals infinity
swapuse infinity kB
In 6.4-RELEASE-p6 it does not work and it is correct behavior!
>Fix:
Workaround.
Add "UseLogin yes" in sshd_config and restart sshd
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list