Indeed, this would appear to be a bug: http://sourceforge.net/tracker/index.php?func=detail&aid=404953&group_id=6663&atid=106663 Thanks for the suggested fix. Cheers Andrew Werner Puschitz wrote: > > When I add the line 'username -' to the /etc/security/limits.conf file, > I'm getting the following error message in /var/log/messages when I su to > this account: > Mar 24 23:52:10 localhost pam_limits[6047]: error parsing the configuration file > > The code in the function parse_config_file() in pam_limits.c says: > > } else if (i == 2 && ltype[0] == '-') > if (strcmp(uname, domain) == 0) { > _pam_log(LOG_DEBUG, "no limits for '%s'", uname); > fclose(fil); > return PAM_IGNORE; > } else if (domain[0] == '@' && is_on_group(uname, domain+1)) { > _pam_log(LOG_DEBUG, "no limits for '%s' in group '%s'", > uname, domain+1); > fclose(fil); > return PAM_IGNORE; > } > } else { > > This function returns PAM_IGNORE when 'username -' is found in the > configuration file which looks OK to me. > > But when the exit status of the function parse_config_file() is checked: > > retval = parse_config_file(pwd->pw_name,ctrl); > if (retval != PAM_SUCCESS) { > _pam_log(LOG_WARNING, "error parsing the configuration file"); > return PAM_IGNORE; > } > > it prints the error message that the entry "username -" is wrong which is > very confusing. > > Shouldn't this code look like?: > > if (retval != PAM_SUCCESS) { > if (retval != PAM_IGNORE) > _pam_log(LOG_WARNING, "error parsing the configuration file"); > return PAM_IGNORE; > } > > Thanks > Werner > > _______________________________________________ > > Pam-list@redhat.com > https://listman.redhat.com/mailman/listinfo/pam-list