Re: Installation of 389 DS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, 2016-03-02 at 19:28 +0100, wodel youchi wrote:
> Hi,
> 
> I am a newbie on 389 DS, I was following the RDS install document from
> RedHat Documentation.
> 
> OS: Centos 7.2 x64 latest updates
> 389 DS :
> 389-admin-console-1.1.10-1.el7.noarch
> 389-ds-base-libs-1.3.4.0-26.el7_2.x86_64
> 389-ds-base-1.3.4.0-26.el7_2.x86_64
> 389-console-1.1.9-1.el7.noarch
> 389-ds-console-1.2.12-1.el7.noarch
> 389-adminutil-1.1.22-1.el7.x86_64
> 389-admin-1.1.42-1.el7.x86_64
> 
> In the consideration before setting up DS, it's mentioned that we need to
> add this line to

Can you provide a link to the documentation you are looking at? 

> 
> 
> 
> */etc/pam.d/system-authsession required /lib/security/$ISA/pam_limits.so*
> 
> After adding this line and rebooting the server, I am getting this error
> when I try to login into it:
> *Unknown module*
> 
> in */var/log/secure* I have
> *login: PAM unable to dlopen(/lib/security/$ISA/pam_limits.so):
> /lib/security/../../lib64/security/pam_limits.so: cannot open shared object
> file: No such file or directory*
> 
> I did read the */etc/pam.d/system-auth* file again, and I found that there
> is a line like this in it
> *session     required      pam_limits.so*
> 
> My question is : do I need the
> *session required /lib/security/$ISA/pam_limits.so*
> for 389 to work properly ?
> and if yes, how to avoid the above error?
> 
> if no, does
> *session     required      pam_limits.so*
> do the work?

This looks like the old way (EL5 era) of modifying pam. These days you would just
change the line to be:

session required pam_limits.so

But IIRC that's already part of the pam configuration as you have already noted, so you SHOULD NOT need to touch this.

In other words, yes, pam_limits.so already does the work.


To be honest, I think that it's irrelevant these days, as on el7 it would be the
limits set by systemd that take effect, not the login shell limits, so you should
set those. Look at:

/etc/sysconfig/dirsrv.systemd

This file is included by /usr/lib/systemd/system/dirsrv@.service

Which is used to start / stop dirsrv on el7.

I hope that helps you.


-- 
Sincerely,

William Brown
Software Engineer
Red Hat, Brisbane

Attachment: signature.asc
Description: This is a digitally signed message part

--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux