-   Linux - Security (
-   -   setting memlock with limits.conf (

isaaclw 03-10-2012 11:30 PM

setting memlock with limits.conf
My server is linux mint 9, and I'm trying to mount an ecryptfs partition with fstab. The comments on the bug say I need to increase my "memlock"
(Comment #6, and #7)

So I've been looking at /etc/security/limits.conf to try and figure out how I can increase the memlock:

dirac ~ # cat /etc/security/limits.conf | grep -vP '^#'

*                hard        memlock                128
root                hard        memlock                128
isaac          hard    memlock        128
isaac          soft    memlock        32768

As far as I can tell, editing this file does nothing. I must be missing something.
When I log in as either root or isaac, the memlock is still 64:

dirac ~ # ulimit -l
isaac@dirac:/root$ ulimit -l

When I'm root, I can change the limit to 128, but it's only for the length of my login. When I'm 'isaac' I naturally get errors.

The man page says:

Also, please note that all limit settings are set per login. They are not global, nor are they permanent; existing only for the duration of the session.
Which makes me think that logging out and back in should reset it, but it doesn't.

dirac ~ # ps -ef | grep isaac
root    20901 20842  0 23:22 pts/0    00:00:00 grep --colour=auto isaac
dirac ~ # su isaac
isaac@dirac:/root$ ulimit -l

The one thing I haven't done yet is restart the server, but I'm interested in finding out if there's a way to fix this short of restarting.

isaaclw 03-11-2012 06:00 PM

Restarting didn't help. Instead I used this guide:

I edited:

isaac@dirac:~$ sudo vim /etc/pam.d/common-session
and added:

session required
Edit: Also this was over an ssh server, so I had to set "UsePAM yes" in sshd_config.

To the end.

All times are GMT -5. The time now is 06:24 PM.