Hello, I'm trying to implement setting of user limits (ulimit) in sshd. I'm not using PAM so I need it in the sshd itself. The task is very simple - just to put one line calling setup_limits(pw); and link with -lshadow. But the problem is, where to put this line. I did it in session.c, in do_child(), like this: #ifdef HAVE_OSF_SIA session_setup_sia(pw, s->ttyfd == -1 ? NULL : s->tty); if (!check_quietlogin(s, command)) do_motd(); #else /* HAVE_OSF_SIA */ /* When PAM is enabled we rely on it to do the nologin check */ if (!options.use_pam) { do_nologin(pw); setup_limits(pw); /* Setting up user limits */ } do_setusercontext(pw); /* * PAM session modules in do_setusercontext may have * generated messages, so if this in an interactive * login then display them too. */ if (!check_quietlogin(s, command)) display_loginmsg(); But I found a problem - in this place the code is already running with the user privileges, so the limits file (/etc/limits) is unreadable for it (normaly it's owned by root with privs 600). If I chmod to 644 or chown to the user trying to log in, it can be read and the limits are set. To be honest I don't understand, why it's happening before calling do_setusercontext(pw), but it is. I would need a better place, where to put this call, already in the child process but still running with root privs. With regards, Pavel _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev