Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Refresh patches | Steve Langasek | 2019-01-08 |
| | |||
* | make sure we're passing ctrl to the function if we need to check PAM_DEBUG | Steve Langasek | 2019-01-08 |
| | |||
* | debian/patches-applied/027_pam_limits_better_init_allow_explicit_root: | Steve Langasek | 2019-01-08 |
| | | | | | | don't reset the process niceness for root; since it's root, they can still renice to a lower nice level if they need to and changing the nice level by default is unexpected behavior. Closes: #594377. | ||
* | * debian/patches-applied/027_pam_limits_better_init_allow_explicit_root: | Kees Cook | 2019-01-08 |
| | | | | | - only report about unknown kernel rlimits when "debug" is set (Closes: 625226, LP: #794531). | ||
* | debian/patches-applied/027_pam_limits_better_init_allow_explicit_root: | Steve Langasek | 2019-01-08 |
| | | | | | set a better default RLIMIT_MEMLOCK value for BSD kernels. Thanks to Petr Salinger for the fix. Closes: #602902. | ||
* | update the existing 027_pam_limits_better_init_allow_explicit_root patch | Steve Langasek | 2019-01-08 |
| | | | | | | instead of creating a new parse-kernel-rlimits.patch, to keep these changes logically grouped together; and add a DEP3 patch header here since we didn't have one before | ||
* | Include changes to pam_limits/README in the patch, since they end up in the | Steve Langasek | 2019-01-08 |
| | | | | | package anyway and this gives us a cleaner ./debian/rules clean | ||
* | refresh other patches for new upstream release | Steve Langasek | 2019-01-08 |
| | |||
* | 027_pam_limits_better_init_allow_explicit_root: defaults need to be | Steve Langasek | 2019-01-08 |
| | | | | | declared as LIMITS_DEF_DEFAULT instead of LIMITS_DEF_ALL, otherwise global limits will fail to be applied. LP: #314222. | ||
* | 027_pam_limits_better_init_allow_explicit_root: set the RLIMIT_MEMLOCK | Steve Langasek | 2019-01-08 |
| | | | | limit correctly to match the kernel default, which is not RLIM_INFINITY. | ||
* | include documentation in the patch, giving examples of how to set | Steve Langasek | 2019-01-08 |
| | | | | limits for root. Thanks to Jonathan Marsden. | ||
* | revert the 'fix' for bug #515673, since this isn't really a bug at all. | Steve Langasek | 2019-01-08 |
| | |||
* | shadow the finite kernel defaults for RLIMIT_SIGPENDING and | Steve Langasek | 2019-01-08 |
| | | | | | RLIMIT_MSGQUEUE as well, so that the preceding changes don't suddenly expose systems to DoS or other issues. | ||
* | 027_pam_limits_better_init_allow_explicit_root: also fix the patch so | Steve Langasek | 2019-01-08 |
| | | | | | that our limit resets are actually *applied*, which has apparently been broken for who knows how long! | ||
* | 027_pam_limits_better_init_allow_explicit_root: RLIM_INFINITY may or may | Steve Langasek | 2019-01-08 |
| | | | | | | | not be invalid for RLIMIT_NOFILE, but we don't want to set a hard limit of 1024 by default; try to set this limit to the value of /proc/sys/fs/nr_open if we can, or fall back to RLIM_INFINITY. Closes: #515673, LP: #327597. | ||
* | refresh patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | 027_pam_limits_better_init_allow_explicit_root: RLIM_INFINITY is also | Steve Langasek | 2019-01-03 |
| | | | | | invalid for RLIMIT_NOFILE, so when resetting the limits for a new session, use the kernel default of 1024 instead. Closes: #404836. | ||
* | refresh patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | fix-up commit for grafting svn history onto git history | Steve Langasek | 2019-01-02 |