Why don't you do a test without those changes in /etc/security/limits? -----Original Message----- From: pam-list-bounces@xxxxxxxxxx on behalf of Robert P. J. Day Sent: Thu 11/25/2004 8:20 PM To: Pluggable Authentication Modules Cc: Subject: Re: recent update to pam causing non-root ssh logins to fail? On Thu, 25 Nov 2004, Tomas Mraz wrote: > On Thu, 2004-11-25 at 06:53 -0500, Robert P. J. Day wrote: > > recently, my fedora core 2 system started rejecting ssh logins to my > > non-root account on that system. if, from a remote system, i ssh to > > root, no problem. if i ssh to my regular account, the connection is > > closed. > > account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 > This isn't the culprit. i'm willing to believe it's not the actual culprit but, as i read it (not being a PAM expert), it certainly allows uid < 100 logins. what seems to be missing is some additional rules that still allow uid greater than 100 logins, right? > > which clearly is what allows me to ssh in as root, but not as me. > > should i simply change that value? or is there a cleaner way to > > do this? thanks. > Have you possibly changed something in /etc/security/limits.conf > file recently? What is it's contents? yes. i added some content to support oracle 10g. here are the *total* non-commented contents of the limits.conf file: * soft nproc 2047 * hard nproc 16384 * soft nofile 1024 * hard nofile 65536 it doesn't *look* like any of those should cause a problem. more thoughts? rday _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
<<winmail.dat>>
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
