Hi and thanks for your help,
This is the link of the documentation :https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Installation_Guide/Preparing_for_a_Directory_Server_Installation-Considerations.html
2016-03-03 1:05 GMT+01:00 William Brown <wibrown@xxxxxxxxxx>:
On Wed, 2016-03-02 at 19:28 +0100, wodel youchi wrote:
> Hi,
>
> I am a newbie on 389 DS, I was following the RDS install document from
> RedHat Documentation.
>
> OS: Centos 7.2 x64 latest updates
> 389 DS :
> 389-admin-console-1.1.10-1.el7.noarch
> 389-ds-base-libs-1.3.4.0-26.el7_2.x86_64
> 389-ds-base-1.3.4.0-26.el7_2.x86_64
> 389-console-1.1.9-1.el7.noarch
> 389-ds-console-1.2.12-1.el7.noarch
> 389-adminutil-1.1.22-1.el7.x86_64
> 389-admin-1.1.42-1.el7.x86_64
>
> In the consideration before setting up DS, it's mentioned that we need to
> add this line to
Can you provide a link to the documentation you are looking at?
>
>
>
> */etc/pam.d/system-authsession required /lib/security/$ISA/pam_limits.so*
>
> After adding this line and rebooting the server, I am getting this error
> when I try to login into it:
> *Unknown module*
>
> in */var/log/secure* I have
> *login: PAM unable to dlopen(/lib/security/$ISA/pam_limits.so):
> /lib/security/../../lib64/security/pam_limits.so: cannot open shared object
> file: No such file or directory*
>
> I did read the */etc/pam.d/system-auth* file again, and I found that there
> is a line like this in it
> *session required pam_limits.so*
>
> My question is : do I need the
> *session required /lib/security/$ISA/pam_limits.so*
> for 389 to work properly ?
> and if yes, how to avoid the above error?
>
> if no, does
> *session required pam_limits.so*
> do the work?
This looks like the old way (EL5 era) of modifying pam. These days you would just
change the line to be:
session required pam_limits.so
But IIRC that's already part of the pam configuration as you have already noted, so you SHOULD NOT need to touch this.
In other words, yes, pam_limits.so already does the work.
To be honest, I think that it's irrelevant these days, as on el7 it would be the
limits set by systemd that take effect, not the login shell limits, so you should
set those. Look at:
/etc/sysconfig/dirsrv.systemd
This file is included by /usr/lib/systemd/system/dirsrv@.service
Which is used to start / stop dirsrv on el7.
I hope that helps you.
--
Sincerely,
William Brown
Software Engineer
Red Hat, Brisbane
--
389 users mailing list
389-users@%(host_name)s
http://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
-- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
