LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   no /etc/limits ? (https://www.linuxquestions.org/questions/slackware-14/no-etc-limits-346415/)

Mig21 07-25-2005 12:01 AM
no /etc/limits ?
 
hello

i've been reading about creating limits. one way is to edit /etc/limits according to man limits. does that work in slackware? do i have to enable something? /etc/limits does not exist. i created one and it doesn't seem to limit anything, here's what i put into it:

Code:
dude  L2D2048U4
i can log in more then twice and ulimit -a doesn't show any extra limits

i am new to this security business :)

thanks in advance.

DaneM 07-25-2005 05:13 AM
Have you tried looking in /etc/login.defs? There's a ulimit section in there.

--Dane

Mig21 07-25-2005 05:40 AM
no. is that file used by `login`?

i just realized the file i created does work. only not over ssh. isn't that weird?

when loggin on directly at the machine or over telnet all the limits seem to be in place.

i have spent hours now trying to figure out why ssh logins ignore the /etc/limits file.

only suggestion i found was to enable UseLogin in sshd_config but then i cannot log in at all:
Code:
~$ ssh 10.0.0.2
dude@10.0.0.2's password:
usage: login [-p] [name]
      login [-p] [-h host] [-f name]
      login [-p] -r host
Connection to 10.0.0.2 closed.
is securing a linux machine supposed to be this difficult? not that windows is any better...

maybe i just need some sleep

cheers

DaneM 07-25-2005 05:53 AM
Exactly what kind of limit are you trying to put into place? Are you trying to stop forkbombs? A little clarification would be helpful.

--Dane

Mig21 07-25-2005 07:24 AM
i have no specifics in mind. i want to make a secure linux system. people would have normal shell access (i hope that's possible)

forkbombs are one problem, but using up all the memory is just as bad. there are many things i want to take care of but for now the stuff described in `man limits`

gbonvehi 07-25-2005 08:30 AM
Did you try in login.defs as DaneM suggested? That file is read everytime you authentificate.

imitheos 07-25-2005 05:41 PM
the ULIMIT option in login.defs is entirely different.

the limits infrastracture exists in slackware as in every other linux distribution.
I don't know why slackware doesn't ship with a sample /etc/limits, but if you create it yourself it works perfectly.
/bin/login reads it.

I use it for a long time.

The most easy options are the following:
N: max number of open files
U: max number of processes (stop forkbombs)
L: max number of logins for this user.

(There are other very useful options too, but you can easily mess your system, that is why i don't mention them)

if you try "man limits" you get a very simple description of it.
If you google, there are very good tutorials for it.
If i remember correctly the PAM version of limits (limits.conf) uses a different syntax. I mention this so that when you
read some articles you don't get confused about what is written.
You can very easily convert the PAM syntax to yours.

Hope i helped.

Mig21 07-25-2005 11:18 PM
Quote:
Did you try in login.defs as DaneM suggested? That file is read everytime you authentificate.
looks like login.defs is a config file for `login`. `login` never runs (see my post above about what happens when i try to enable it with sshd)

i tried it anyway. it's ignored.

Quote:
I don't know why slackware doesn't ship with a sample /etc/limits, but if you create it yourself it works perfectly.
/bin/login reads it.

I use it for a long time.
ooh.. please tell me you use ssh? i figured out how to use /etc/limits but it will not be used by ssh because ssh does not run /bin/login :(

thanks everyone for trying to help.


All times are GMT -5. The time now is 04:36 AM.