diff --git a/90-nproc.conf b/90-nproc.conf index 9b57c1b..104dffd 100644 --- a/90-nproc.conf +++ b/90-nproc.conf @@ -3,3 +3,4 @@ # See rhbz #432903 for reasoning. * soft nproc 1024 +root soft nproc unlimited diff --git a/pam-1.1.5-limits-user.patch b/pam-1.1.5-limits-user.patch deleted file mode 100644 index 1890e4d..0000000 --- a/pam-1.1.5-limits-user.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up Linux-PAM-1.1.5/modules/pam_limits/limits.conf.limits Linux-PAM-1.1.5/modules/pam_limits/limits.conf ---- Linux-PAM-1.1.5/modules/pam_limits/limits.conf.limits 2011-06-21 11:04:56.000000000 +0200 -+++ Linux-PAM-1.1.5/modules/pam_limits/limits.conf 2011-12-21 09:09:17.000000000 +0100 -@@ -1,5 +1,8 @@ - # /etc/security/limits.conf - # -+#This file sets the resource limits for the users logged in via PAM. -+#It does not affect resource limits of the system services. -+# - #Each line describes a limit for a user in the form: - # - # diff --git a/pam-1.1.6-limits-user.patch b/pam-1.1.6-limits-user.patch new file mode 100644 index 0000000..3c17b78 --- /dev/null +++ b/pam-1.1.6-limits-user.patch @@ -0,0 +1,20 @@ +diff -up Linux-PAM-1.1.6/modules/pam_limits/limits.conf.limits Linux-PAM-1.1.6/modules/pam_limits/limits.conf +--- Linux-PAM-1.1.6/modules/pam_limits/limits.conf.limits 2012-08-15 13:08:43.000000000 +0200 ++++ Linux-PAM-1.1.6/modules/pam_limits/limits.conf 2013-03-14 16:43:37.615087671 +0100 +@@ -1,5 +1,16 @@ + # /etc/security/limits.conf + # ++#This file sets the resource limits for the users logged in via PAM. ++#It does not affect resource limits of the system services. ++# ++#Also note that configuration files in /etc/security/limits.d directory, ++#which are read in alphabetical order, override the settings in this ++#file in case the domain is the same or more specific. ++#That means for example that setting a limit for wildcard domain here ++#can be overriden with a wildcard setting in a config file in the ++#subdirectory, but a user specific setting here can be overriden only ++#with a user specific setting in the subdirectory. ++# + #Each line describes a limit for a user in the form: + # + # diff --git a/pam.spec b/pam.spec index 4c07abe..1246b4b 100644 --- a/pam.spec +++ b/pam.spec @@ -3,7 +3,7 @@ Summary: An extensible library which provides authentication for applications Name: pam Version: 1.1.6 -Release: 6%{?dist} +Release: 7%{?dist} # The library is BSD licensed with option to relicense as GPLv2+ # - this option is redundant as the BSD license allows that anyway. # pam_timestamp, pam_loginuid, and pam_console modules are GPLv2+. @@ -37,7 +37,7 @@ Patch9: pam-1.1.6-noflex.patch Patch10: pam-1.1.3-nouserenv.patch Patch11: pam-1.1.3-console-abstract.patch Patch12: pam-1.1.3-faillock-screensaver.patch -Patch13: pam-1.1.5-limits-user.patch +Patch13: pam-1.1.6-limits-user.patch Patch14: pam-1.1.6-audit-data.patch Patch15: pam-1.1.6-full-relro.patch # FIPS related - non upstreamable @@ -383,6 +383,9 @@ fi %doc doc/adg/*.txt doc/adg/html %changelog +* Thu Mar 14 2013 Tomáš Mráz 1.1.6-7 +- add workaround for low nproc limit for confined root user (#432903) + * Thu Feb 21 2013 Karsten Hopp 1.1.6-6 - add support for ppc64p7 arch (Power7 optimized)